oss-sec mailing list archives
Re: CVE request: /tmp file vulnerability in ace
From: cve-assign () mitre org
Date: Fri, 12 Sep 2014 10:54:31 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I point out that said bin/g++-dep file can be found within http://download.dre.vanderbilt.edu/previous_versions/ACE-6.2.7.tar.bz2.
In our download, the filename is g++dep (without the '-'). If anyone is later requesting a CVE ID for that, we can mention: ACE_wrappers/debian/debian.changelog ace (5.6.3-4) unstable; urgency=low * Add the following missing programs to libace-dev: o $ACE_ROOT/bin/generate_export_file.pl o $ACE_ROOT/bin/split-cpp o $ACE_ROOT/bin/g++dep o $ACE_ROOT/bin/add_rel_link.sh This apparently means that at least one version of libace-dev was shipped with the generate_doxygen.pl file but without the g++dep file, and thus we'd have a situation of "different affected versions." - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJUEwi8AAoJEKllVAevmvmsgC4IAK0MJIS6xqVkszWvLOx91ec0 o9z7NTem7ywTWhv8X9Herbcb9fbev8SfEb3uFSZd+iFylzAgwKSD3VhPcdADjBVS C71GBpbDwzqE8+vVN8BalMdGu7D29cANALHng1U1gMYbKd0O2Bxv62yccuKf543X ilX2WDacFKimTi6yJoEAM31FzHQqQlKJ7ePvbPYal8tbtrtDnbNLcPbJGhoztqLO 8ReheWMkHdCRjIaFqiaFxcfcsK5cTn/RqFkD5gDi+WnFBFvKkdhM4WqRhNWwJvqS c6qBwzP0oMX6/s3BSPHWtjbPJ06ZmVgLAbkLWLPyKQ8+UuXd6JmMKNgR0S17Ddg= =1vFr -----END PGP SIGNATURE-----
Current thread:
- CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 07)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)