oss-sec mailing list archives

CVE Request: XML-DT: Insecure use of temporary files

From: Salvatore Bonaccorso <carnil () debian org>
Date: Thu, 31 Jul 2014 07:12:28 +0200

Hi

Steve Kemp reported to to the Debian BTS in [1] that the XML-DT Perl
module distribution contains mkdtskel and mkxmltype using insecurely
temporary files using the pid of the process in the temporary file
name.

 [1] https://bugs.debian.org/756566

Could a CVE be assigned for this issue?

Regards,
Salvatore

Current thread:

CVE Request: XML-DT: Insecure use of temporary files Salvatore Bonaccorso (Jul 30)
- Re: CVE Request: XML-DT: Insecure use of temporary files Salvatore Bonaccorso (Aug 01)
- Re: CVE Request: XML-DT: Insecure use of temporary files cve-assign (Aug 15)
  - Re: CVE Request: XML-DT: Insecure use of temporary files Alberto Simoes (Aug 15)