Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 Apr 2014 14:26:06 +1000
From: Murray McAllister <mmcallis@...hat.com>
To: oss-security@...ts.openwall.com
CC: 744817@...s.debian.org
Subject: CVE request: insecure temporary file handling in clang's scan-build
 utility

Hello,

Jakub Wilk discovered that clang's scan-build utility insecurely handled 
temporary files. Full details in his report:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817

Can a CVE please be assigned?

Cheers,

--
Murray McAllister / Red Hat Security Response Team

https://bugzilla.redhat.com/show_bug.cgi?id=1088105

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.