Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
The file stardict-config.sh make insecure use of the file "/tmp/fonts.dir" without first checking to see if that file is a symlink. This could allow for the overwriting of arbitrary files on the filesystem when installing stardict.
app-dicts please advise.
I haven't seen anything from liquidx for a while, so I'll stick my nose in. It seems the script is unused, legacy from version 1.x which are no longer in the tree - so I've just removed it.
Thx Kevin. This one is ready for GLSA decision. I vote NO as the script itself seems unused/uninstalled. Please correct me if I'm wrong.
When it's not an everyday usage (contrary to an installation script for example), i vote no. Closing, feel free to reopen if you disagree.
