oss-sec mailing list archives

Inkscape reads .eps files from /tmp instead of the current directory

From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 29 Dec 2012 11:31:43 +0100

Hi

Going trough some bugreports in Debian I noticed [1], [2] I haven't
found a CVE for "Inkscape reads .eps files from /tmp instead of the
current directory".

If one has file foo.eps in current directory, and /tmp/foo.eps is
present

 $ inkscape foo.eps

opens the copy in /tmp/foo.eps

Does this warrants a CVE? If so could you assign one?

 [1]: http://bugs.debian.org/654341
 [2]: https://bugs.launchpad.net/inkscape/+bug/911146

Regards,
Salvatore

Attachment: signature.asc
Description: Digital signature

Current thread:

Inkscape reads .eps files from /tmp instead of the current directory Salvatore Bonaccorso (Dec 29)
- Re: Inkscape reads .eps files from /tmp instead of the current directory Kurt Seifried (Dec 29)