oss-sec mailing list archives
Re: CVE request: patch directory traversal flaw
From: Vincent Danen <vdanen () redhat com>
Date: Wed, 5 Jan 2011 15:17:07 -0700
* [2011-01-05 17:04:59 -0500] Dan Rosenberg wrote:
Be sure to be careful while applying the patch to fix this one. :p
heh, yes indeed. =)
On Wed, Jan 5, 2011 at 4:54 PM, Vincent Danen <vdanen () redhat com> wrote:We got a heads up on a directory traversal flaw in patch. I don't think a CVE name has been assigned to it; could we get one? It allows for the creation of arbitrary files in unexpected places due to the use of '..'. References: https://bugzilla.redhat.com/show_bug.cgi?id=667529 http://osdir.com/ml/bug-patch-gnu/2010-12/msg00000.html Thanks.
--Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)
- Re: CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Steve Beattie (Jan 06)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Josh Bressers (Jan 06)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Jan 26)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Feb 18)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)