oss-sec mailing list archives
Re: CVE id request: uudeview
From: Nico Golde <oss-security+ml () ngolde de>
Date: Wed, 14 May 2008 19:05:58 +0200
Hi, * Nico Golde <oss-security+ml () ngolde de> [2008-05-13 21:39]:
can I get a CVE id for uudeview[0]? http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 It makes use of tempnam which is known to be insecure to generate temporary files.
Looks like CAN-2004-2265 was reintroduced, have a look at: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320541 Same issue, rewritten code. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE id request: uudeview Nico Golde (May 13)
- Re: CVE id request: uudeview Nico Golde (May 14)
- Re: CVE id request: uudeview Steven M. Christey (May 18)
- Re: CVE id request: uudeview Robert Buchholz (May 30)
- Re: CVE id request: uudeview Nico Golde (May 14)