oss-sec mailing list archives

Re: Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp

From: cve-assign () mitre org
Date: Fri, 17 Jan 2014 21:07:01 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

an insecure tempfile usage in rply

http://bugs.debian.org/735263

https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7c


Use CVE-2014-1604.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJS2eFKAAoJEKllVAevmvmslHkIAMQsuOlcHjs2LY/fv3KhtSII
3Nj/uIT2Ha9h+lzIgA4fgpBEhTctrSolyJ8i4+sE2xTrXjhThZpffoeMB2Fewozw
KBsBooOBocqSPy6gihC7MKzyU+xctJ7UYJ7zEbgUEPmCGtT+lgOWRMpO/7V5NhJ9
2BH3LGamK1cp13k4aR6Y7sK4SwjVbnJiraNo5a2zkTDjmRRPkKzTdJuxQeT2y3xF
G6VCqctF2e/FpC7lchPXsoF0VGnDwVWCjkiydpYVWHFqQTVFsrVa9Rz2T8inbJuC
qaUrje7sYphml0RmB1wGISH3OZKsfSo+XhzfaQSSYvb2dUT8nflPRoDNtIK70MU=
=ScxP
-----END PGP SIGNATURE-----

Current thread:

Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp Daniel Kahn Gillmor (Jan 17)
- Re: Fwd: [Python-modules-team] Bug#735263: python-rply: insecure use of /tmp cve-assign (Jan 17)