Summary: | <games-server/crossfire-server-1.11.0: Insecure temporary file creation | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | anmaster, games |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 235770 |
Description
Robert Buchholz (RETIRED)
2008-08-30 13:15:41 UTC
Games: please comment. So, a random, poorly-coded perl script that is installed in a directory not in any path, and never called by any installed binary is grounds for a security bug? Seems pretty unnecessary. I changed the package to not install that script anymore but this doesn't qualify as a security bug to me. 30 Jan 2010; Michael Sterrett <mr_bones_@gentoo.org> crossfire-server-1.11.0.ebuild: Skip install of combine.pl (bug #236205) Closing as noglsa - vulnerable versions were ~arch only. |