Summary: | app-crypt/mit-krb5: Insecure tempfile handling | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Luke Macken (RETIRED) <lewk> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | minor | CC: | aliz, rphillips | ||||
Priority: | Highest | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
URL: | http://www.securityfocus.com/advisories/7263 | ||||||
Whiteboard: | B3 [stable+ x86] lewk | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Luke Macken (RETIRED)
2004-10-04 15:29:54 UTC
Created attachment 41098 [details, diff]
kerberos5-1.3.4-tempfile.patch
Trustix patch to fix insecure tempfile handling
aliz/rphillips, please verify and apply patch if necessary. Reference: http://www.securityfocus.com/advisories/7263 The patch applies cleanly to 1.3.4 and 1.3.5. 1.3.4-r1 needs to be tested on all arch's, but 1.3.5-r1 has been created also and should remain unstable. archs, please mark mit-krb5-1.3.4-r1 stable. stable on ppc Stable on alpha. Stable on sparc. stable on amd64. Stable on mips. Stable on ia64. stable on ppc64 GLSA blocked by missing x86 keyword... Could maintainer or x86 arch test and mark stable ? Done on hppa. klieber marked stable on x86. arm and s390 should mark stable to benefit from GLSA. GLSA 200410-24 |