Summary: | <x11-misc/pcmanfm-1.2.3: Insecure temporary file creation in get_socket_name function | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | hwoarang, lxde+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1451064 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 625180 |
Description
Agostino Sarubbo
2017-05-16 07:23:51 UTC
commit 3e7da11f260f36acddc64b074d2eef63bb1a14b6 Author: charIes17 <charles17@arcor.de> Date: Mon Jul 17 09:36:09 2017 +0200 x11-misc/pcmanfm: Add patch for CVE-2017-8934 Bug: https://bugs.gentoo.org/show_bug.cgi?id=618622 Bug: https://bugs.gentoo.org/show_bug.cgi?id=624938 GLSA Vote: No (Note that this didn't get a revbump for the patch, but it is there.) (In reply to sam_c (Security Padawan) from comment #4) > (Note that this didn't get a revbump for the patch, but it is there.) In the meantime a new version has been added and is also stabilized on all archs, so I'm going to fix this by removing the older versions. |