| Summary: | sys-apps/ed: insecure creation of temporary file (CVE-2006-6939) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Raphael Marichez (Falco) (RETIRED) <falco> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | normal | CC: | ulm |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Raphael Marichez (Falco) (RETIRED)
2007-01-22 11:27:15 UTC
ed-0.4 now in portage thanks vapier.... arches please test sys-apps/ed-0.4 and mark stable if possible Please note that the open_sbuf() security issue mentioned in the CVE was fixed in the Gentoo version of ed more than 2 years ago, see bug #66400, bug #73858, and GLSA 200410-07. sys-apps/ed-0.2-r6 is definitely _not_ affected by the issue. good catch, that indeed appears to be the case vapier, could you confirm? that does seem to be the case sparc stable. *** This bug has been marked as a duplicate of bug 66400 *** arches, no need to mark this as stable now, Ulrich is right (comment #3). Thanks to him. Those who have already marked stable, you are free to decide what you prefer to do. We'll just leave it stable and roll back if there's any problem with the newer version. stable on hppa |