Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 07 Sep 2014 21:03:26 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Re: Python robotframework - tmp vuln

Oh and the reason I'm not assigning CVE's for these is this is a side
project on my own time to help push us over CVE10k but I'm too lazy to
use my personal email account. =)

On 07/09/14 08:49 PM, Kurt Seifried wrote:
> This is the first of many, only looking at programs with >5000 downloads
> in the last month.
> 
> https://pypi.python.org/pypi/robotframework-pabot/
> 
> robotframework-pabot-0.8/pabot/result_merger.py
> 
> if __name__ == '__main__':
>     merge('../tmp/passing.xml',
> '../tmp/failing.xml').save('../tmp/merged.xml')
> 
> 

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ