Summary: | sci-visualization/mayavi symlink attack (CVE-2008-5151) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | sci |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5151 | ||
Whiteboard: | ~3 [ebuild] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 235770 |
Description
Stefan Behte (RETIRED)
2008-11-18 19:04:16 UTC
*PING* Hi, I think this advisory doesn't apply. The /tmp/err.log attack is on a comment in test_parser.py, and looking at the code, the only reference to a possible temp file was commented out (line 161). So I would close this as invalid but I need security experts to confirm. Thanks We should close this one, as it is a non issue. @security: ok with that? Confirmed, closing. |