From ${URL} : Steve Kemp discovered that the function scheme48-send-definition in cmuscheme48.el of scheme48 insecurely use temorary files[0]. This was addressed upstream in commit [1]. Could a CVE be assigned for this issue? [0] http://bugs.debian.org/748766 [1] http://www.s48.org/cgi-bin/hgwebdir.cgi/s48/rev/a44624256297 @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
Dead upstream, but package has dependencies. @maintainer(s), please provide a patch for 1.9.2 and cleanup the vulnerable versions. http://www.s48.org/cgi-bin/hgwebdir.cgi/s48/rev/a44624256297
@maintainer(s), package bumped with patch. Please cleanup.
committer Amy Winston <amynka@gentoo.org> 2016-07-05 12:54:14 (GMT) commit c8ecb9fa143484d4a24acd76d51f5b9078375186 dev-scheme/scheme48: clean vulnerable versions bug #513088