[Debian-med-packaging] Bug#496366: Bug#496366: Bug#496366: The possibility of attack with the help of symlinks in some Debian packages

Charles Plessy plessy at debian.org
Mon Aug 25 14:52:34 UTC 2008


tag 496366 patch
tag 496366 - help
thanks

Le Mon, Aug 25, 2008 at 09:01:53AM +0200, Thijs Kinkhorst a écrit :
> 
> In the attachment is an example patch which solves the first occurrence. As 
> you can see its very simple.

Many thanks, Thijs.

With your example it was much more simple than I thought. I prepared a
patch that I will forward upstream:

http://svn.debian.org/wsvn/debian-med/trunk/packages/mafft/trunk/debian/patches/Securisation-by-mktemp-usage.patch?op=file&rev=0&sc=0

I would appreciate if Dmitry could review it before I send it.

Have a nice day,

-- 
Charles Plessy
Debian Med packaging team,
Tsurumi, Kanagawa, Japan





More information about the Debian-med-packaging mailing list