Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 103568
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
lm-sensors.diff lm-sensors.diff patch Thierry Carrez (RETIRED) 2005-08-24 07:20 0000 988 bytes Details | Diff
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 103568 depends on: Show dependency tree
Bug 103568 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2005-08-24 02:25 0000 
Javier Fern

------- Comment #1 From Sune Kloppenborg Jeppesen 2005-08-24 02:25:47 0000 ------- 
Javier Fernández-Sanguino Peña reports ath the pwmconfig script creates the 
temp file /tmp/fancontrol insecurely.

------- Comment #2 From Thierry Carrez (RETIRED) 2005-08-24 07:20:35 0000 ------- 
Created an attachment (id=66752) [details]
lm-sensors.diff

Patch from Ubuntu.

------- Comment #3 From Henrik Brix Andersen 2005-08-24 07:31:23 0000 ------- 
Has this patch been submitted upstream? It's not present in current CVS HEAD.

------- Comment #4 From Henrik Brix Andersen 2005-08-24 07:41:01 0000 ------- 
Oh, sorry - it _is_ present is CVS HEAD.

I'll prepare a new ebuild.

------- Comment #5 From Henrik Brix Andersen 2005-08-24 07:48:13 0000 ------- 
Fixed in sys-apps/lm_sensors-2.9.1-r1.

I'll mark it stable on x86 within the next 24 hours if no additional bugs are
reported.

------- Comment #6 From Henrik Brix Andersen 2005-08-24 15:34:53 0000 ------- 
Stable on x86.

------- Comment #7 From Olivier Crete 2005-08-24 16:40:00 0000 ------- 
amd64 done

------- Comment #8 From Michael Hanselmann (hansmi) (RETIRED) 2005-08-25 11:26:28 0000 ------- 
Stable on ppc.

------- Comment #9 From Henrik Brix Andersen 2005-08-26 03:25:30 0000 ------- 
Ready for GLSA?

------- Comment #10 From Sune Kloppenborg Jeppesen 2005-08-26 03:34:11 0000 ------- 
Thx for the reminder Brix. 
 
Ready for GLSA vote, I tend to vote NO.

------- Comment #11 From Thierry Carrez (RETIRED) 2005-08-26 05:53:54 0000 ------- 
I tend to vote YES, as this is typically run by root.

------- Comment #12 From Sune Kloppenborg Jeppesen 2005-08-26 07:19:34 0000 ------- 
Forgot about that reversing my vote to YES.

------- Comment #13 From Stefan Cornelius (RETIRED) 2005-08-27 02:33:22 0000 ------- 
as it's run as root, i vote yes.

------- Comment #14 From Tavis Ormandy (RETIRED) 2005-08-27 02:36:33 0000 ------- 
agree with Koon, vote YES

------- Comment #15 From Thierry Carrez (RETIRED) 2005-08-30 07:58:15 0000 ------- 
GLSA 200508-19
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug