oss-sec mailing list archives
Re: CVE id request: uudeview
From: Robert Buchholz <rbu () gentoo org>
Date: Fri, 30 May 2008 09:08:29 +0200
On Tuesday 13 May 2008, Nico Golde wrote:
It makes use of tempnam which is known to be insecure to generate temporary files.
nzbget before 0.3.0 (I tried 0.2.3) ships a copy of the affected code. Nico's patch applies there fine. As for false positives, Convert-UUlib and pan fixed their copies of the code. Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: uudeview Nico Golde (May 13)
- Re: CVE id request: uudeview Nico Golde (May 14)
- Re: CVE id request: uudeview Steven M. Christey (May 18)
- Re: CVE id request: uudeview Robert Buchholz (May 30)
- Re: CVE id request: uudeview Nico Golde (May 14)