Date: Thu, 08 Oct 2015 18:19:05 +0200 From: Daniel Stender <debian@...ielstender.com> To: oss-security@...ts.openwall.com CC: 756432@...s.debian.org, Debian Security Team <team@...urity.debian.org>, Salvatore Bonaccorso <carnil@...ian.org> Subject: CVE request: Gummi Hello, I request a CVE for Gummi (LaTeX editor with preview pane) , the current release is 0.6.5. The program uses predictable filenames for files in /tmp, which produces a race condition . I'm Debian maintainer for this software. Please assign a CVE as appropriate. Thanks, Daniel Stender  https://github.com/alexandervdm/gummi  https://bugs.debian.org/756432 gummi: Uses predictable filenames in /tmp based on basename -- 4096R/DF5182C8 46CB 1CA8 9EA3 B743 7676 1DB9 15E0 9AF4 DF51 82C8 LPI certified Linux admin (LPI000329859 64mz6f7kt4) http://www.danielstender.com/blog/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ