[Secure-testing-team] libpam-mount CVE-2008-5138
Steffen Joeris
steffen.joeris at skolelinux.de
Mon Nov 24 11:13:55 UTC 2008
Hi Bastian
I was wondering, what are your plans for lenny regarding the insecure tempfile
issue (CVE-2008-5138)[0]? From what I can see the script is not available in
sid anymore, so can we just drop it? Otherwise it shouldn't be too hard to
come up with a patch using mktemp. I am happy to take care of that and NMU,
if the script is still needed, but wanted to check with you first.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5138
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081124/8e50d632/attachment.pgp
More information about the Secure-testing-team
mailing list