... that allows symlink attacks like another user's file overwriting. Thanks a lot to Tavis for reporting this. Still, this minor issue was fixed in 1998 in Suse packages, so I consider it public, but Gentoo is not safe yet. --- expn.orig 2008-02-14 15:34:05.083376000 +0000 +++ expn 2008-02-14 15:37:11.380887000 +0000 @@ -9,6 +9,7 @@ # hardcoded constants, should work fine for BSD-based systems #require 'sys/socket.ph'; # perl 4 use Socket; # perl 5 +use Fcntl; $AF_INET = &AF_INET; $SOCK_STREAM = &SOCK_STREAM; @@ -1009,7 +1010,7 @@ } $0 = "$av0 - nslookup of $server"; - open(T,">/tmp/expn$$") || die "open > /tmp/expn$$: $!\n"; + sysopen(T,"/tmp/expn$$", O_EXCL | O_CREAT) || die "open > /tmp/expn$$: $!\n"; print T "set querytype=MX\n"; print T "$server\n"; close(T);
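Review bot: the sysopen call in the @@ -1009,7 +1010,7 @@ hunk passes only O_EXCL | O_CREAT, with no access mode, so the handle is opened read-only (O_RDONLY is the default) and the unchecked `print T` lines that follow will not write the nslookup input. Suggest `sysopen(T, "/tmp/expn$$", O_WRONLY | O_EXCL | O_CREAT, 0600)`, which also sets the permissions explicitly instead of leaving them at the 0666-minus-umask default. The die text still says "open >", and because the name /tmp/expn$$ stays predictable, an existing file or link at that path now makes the script die instead of writing through it; that closes the overwrite but leaves the run dependent on the name being free, which a randomly named file from File::Temp would avoid.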
net-fs please advise.
net-fs, please bump.
Arches, please test and mark stable: =net-fs/am-utils-6.1.5 Target keywords : "alpha amd64 ia64 ppc release x86"
x86 stable
alpha/ia64 stable
amd64 stable
ppc stable
GLSA vote: YES.
Fixed in release snapshot.
This is a vote, YES from me.
Yes too and request filed.
GLSA 200804-09