oss-sec mailing list archives

CVE Request: patch: directory traversal via file rename

From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 24 Jan 2015 11:03:17 +0100

Hi

Could you please assign a CVE for the following issue in patch? There
is a directory traversal flaw via file rename.

It was reported to the Debian BTS as #775873[1] and is different from
#775227, which was a directory traversal via symlinks and got
CVE-2015-1196.

 [1] https://bugs.debian.org/775873
 [2] https://savannah.gnu.org/bugs/?44059

Regards,
Salvatore

Current thread:

CVE Request: patch: directory traversal via file rename Salvatore Bonaccorso (Jan 24)
- Re: CVE Request: patch: directory traversal via file rename cve-assign (Jan 28)