oss-sec mailing list archives
Re: CVE request: patch directory traversal flaw
From: Josh Bressers <bressers () redhat com>
Date: Thu, 6 Jan 2011 15:52:09 -0500 (EST)
Please use CVE-2010-4651. Thanks. -- JB ----- Original Message -----
We got a heads up on a directory traversal flaw in patch. I don't think a CVE name has been assigned to it; could we get one? It allows for the creation of arbitrary files in unexpected places due to the use of '..'. References: https://bugzilla.redhat.com/show_bug.cgi?id=667529 http://osdir.com/ml/bug-patch-gnu/2010-12/msg00000.html Thanks. -- Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)
- Re: CVE request: patch directory traversal flaw Vincent Danen (Jan 05)
- Re: CVE request: patch directory traversal flaw Steve Beattie (Jan 06)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Josh Bressers (Jan 06)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Jan 26)
- Re: CVE request: patch directory traversal flaw Vasiliy Kulikov (Feb 18)
- Re: CVE request: patch directory traversal flaw Raphael Geissert (Jan 06)
- Re: CVE request: patch directory traversal flaw Dan Rosenberg (Jan 05)