[Secure-testing-team] RFS: checkinstall security upload

Steffen Joeris steffen.joeris at skolelinux.de
Thu Jun 26 16:32:45 UTC 2008


On Thu, 26 Jun 2008 06:08:04 pm Felipe Sateler wrote:
> Hi. The version of checkinstall in Debian has a temporary directory
> creation security problem. I have patched checkinstall and the new version
> is available at mentors:
>
> http://mentors.debian.net/debian/pool/main/c/checkinstall/checkinstall_1.6.
>1-7.dsc
>
> This change is the only difference with the version in testing.
>
> Saludos,
> Felipe Sateler
>
> PS: please CC me in replies.
I am happy to take a look, sponsor correspondence can go off-list.

Do you know, when the vulnerability was introduced?

Cheers
Steffen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20080626/79238c7f/attachment.pgp 


More information about the Secure-testing-team mailing list