oss-sec mailing list archives
Re: CVE request: /tmp file vulnerability in ace
From: cve-assign () mitre org
Date: Fri, 12 Sep 2014 10:54:31 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I point out that said bin/g++-dep file can be found within http://download.dre.vanderbilt.edu/previous_versions/ACE-6.2.7.tar.bz2.
In our download, the filename is g++dep (without the '-').
If anyone is later requesting a CVE ID for that, we can mention:
ACE_wrappers/debian/debian.changelog
ace (5.6.3-4) unstable; urgency=low
* Add the following missing programs to libace-dev:
o $ACE_ROOT/bin/generate_export_file.pl
o $ACE_ROOT/bin/split-cpp
o $ACE_ROOT/bin/g++dep
o $ACE_ROOT/bin/add_rel_link.sh
This apparently means that at least one version of libace-dev was
shipped with the generate_doxygen.pl file but without the g++dep file,
and thus we'd have a situation of "different affected versions."
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)
iQEcBAEBAgAGBQJUEwi8AAoJEKllVAevmvmsgC4IAK0MJIS6xqVkszWvLOx91ec0
o9z7NTem7ywTWhv8X9Herbcb9fbev8SfEb3uFSZd+iFylzAgwKSD3VhPcdADjBVS
C71GBpbDwzqE8+vVN8BalMdGu7D29cANALHng1U1gMYbKd0O2Bxv62yccuKf543X
ilX2WDacFKimTi6yJoEAM31FzHQqQlKJ7ePvbPYal8tbtrtDnbNLcPbJGhoztqLO
8ReheWMkHdCRjIaFqiaFxcfcsK5cTn/RqFkD5gDi+WnFBFvKkdhM4WqRhNWwJvqS
c6qBwzP0oMX6/s3BSPHWtjbPJ06ZmVgLAbkLWLPyKQ8+UuXd6JmMKNgR0S17Ddg=
=1vFr
-----END PGP SIGNATURE-----
Current thread:
- CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 07)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)