Summary: | net-fs/netatalk: Insecure tempfile handling | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Luke Macken (RETIRED) <lewk> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | minor | CC: | net-fs, x86 | ||||
Priority: | Highest | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
URL: | http://www.securityfocus.com/advisories/7263 | ||||||
Whiteboard: | B3 [stable+ x86] lewk | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Luke Macken (RETIRED)
2004-10-04 17:01:07 UTC
Created attachment 41111 [details, diff]
netatalk-1.6.4-tempfile.patch
Trustix patch to fix insecure tempfile handling
net-fs herd, please verify and apply patch. thanks! Today is the 5th day this bug has been open without a comment from net-fs. I'm bumpping this one for them in a few mins. *netatalk-1.6.4-r1 (09 Oct 2004) 09 Oct 2004; <solar@gentoo.org> +files/netatalk-1.6.4-tempfile.patch, +netatalk-1.6.4-r1.ebuild: security bump. Insecure tempfile handling bug 66370 KEYWORDS="~x86 ~ppc ~sparc ~ppc64" x86, ppc, ppc64 had the 1.6.1 version stable while sparc never had any revision stable. If all the arches can mark 1.6.1-r1 stable then netatalk-1.5.3.1-r1, netatalk-1.6.2, netatalk-1.6.3, netatalk-1.6.4 can and should be removed from the tree. thanks for the bump solar. archs, please mark netatalk-1.6.4-r1 stable. done on ppc Stable on sparc. stable on ppc64, thanks! x86 : we're waiting for you to mark netatalk-1.6.4-r1 stable GLSA is blocked by your missing KEYWORD marked stable on x86 GLSA 200410-25 |