Date: Thu, 08 Oct 2015 18:19:05 +0200 From: Daniel Stender <debian@...ielstender.com> To: oss-security@...ts.openwall.com CC: 756432@...s.debian.org, Debian Security Team <team@...urity.debian.org>, Salvatore Bonaccorso <carnil@...ian.org> Subject: CVE request: Gummi Hello, I request a CVE for Gummi (LaTeX editor with preview pane) , the current release is 0.6.5. The program uses predictable filenames for files in /tmp, which produces a race condition . I'm Debian maintainer for this software. Please assign a CVE as appropriate. Thanks, Daniel Stender  https://github.com/alexandervdm/gummi  https://bugs.debian.org/756432 gummi: Uses predictable filenames in /tmp based on basename -- 4096R/DF5182C8 46CB 1CA8 9EA3 B743 7676 1DB9 15E0 9AF4 DF51 82C8 LPI certified Linux admin (LPI000329859 64mz6f7kt4) http://www.danielstender.com/blog/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.