feynmf.pl as shipped in dev-tex/feynmf-1.08-r1 creates files in an insecure manner.
The attached patch should fix this, and is extracted from the Debian package. Please also check with upstream whether this is included in their repository and coordinate that if necessary.
Created attachment 135305
Ulrich, please advise.
It seems to me that calling /bin/tempfile is not the Perl way of doing things. The program should for example use File::Temp and call the tempfile() function. I'm going to provide a new patch.
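As an added illustration of the point in this comment (not the feynmf.pl code, not the Debian patch, and not the -r2 patch), the following Perl contrasts a temporary name derived from the process id, the kind of name a local user can predict, with File::Temp's tempfile(), which picks a random name, creates the file with O_CREAT|O_EXCL and mode 0600, and returns the already-open handle. The base name 'feynmf' and the helper names are assumptions made for this example.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempfile);
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Weak pattern (constructed illustration, not the shipped script): the
# name depends only on $$, so another local user can guess it ahead of
# time and place a file or symlink at that path before the script runs.
sub predictable_path {
    my ($base) = @_;
    return File::Spec->catfile(File::Spec->tmpdir(), "$base.$$");
}

# Opening such a path with plain '>' follows a planted symlink and
# overwrites whatever it points at. O_EXCL at least turns that into a
# refused open instead of a clobbered file.
sub open_exclusively {
    my ($path) = @_;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or return undef;
    return $fh;
}

# Preferred pattern: tempfile() chooses a random name in the temp
# directory, creates it with O_CREAT|O_EXCL and mode 0600, and hands back
# the open handle, so there is no window between choosing the name and
# creating the file. UNLINK => 1 removes it when the program exits.
sub safe_tempfile {
    my ($base) = @_;
    my ($fh, $path) = tempfile(
        "$base.XXXXXXXX",
        DIR    => File::Spec->tmpdir(),
        UNLINK => 1,
    );
    return ($fh, $path);
}

# Demonstration: try both approaches once.
my $weak = predictable_path('feynmf');
print "predictable name: $weak\n";
if (my $wfh = open_exclusively($weak)) {
    print "created $weak exclusively (nothing was planted there)\n";
    close $wfh;
    unlink $weak;
} else {
    print "refused to create $weak: $!\n";
}

my ($fh, $path) = safe_tempfile('feynmf');
print $fh "\\documentclass{article}\n";   # work through the handle, not the name
close $fh;
my $mode = (stat $path)[2] & 07777;
printf "File::Temp created %s with mode %04o\n", $path, $mode;
```

The important difference is not the random name alone but that File::Temp returns a handle to a file it created exclusively; code that later reopens the file by its path reintroduces the race that tempfile() was meant to remove.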
Created attachment 135319
Fixed in -r2. New patch attached.
Arch teams, please stabilise dev-tex/feynmf-1.08-r2.
Vulnerable version 1.08-r1 removed.
Voting YES as it uses a temporary name that is easily determinable by local attackers (process id).
Yes too, request filed.