Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4EEF6776.7010900@redhat.com>
Date: Mon, 19 Dec 2011 09:33:58 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE id request: python-virtualenv


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/19/2011 09:21 AM, Nico Golde wrote:
> An insecure /tmp file handling was found in python-virtualenv:
> https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5o
>
> Can someone assign a CVE id for this?
>
> Kind regards
> Nico
Link is 404

- -- 

- -Kurt Seifried / Red Hat Security Response Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBAgAGBQJO72d1AAoJEBYNRVNeJnmTpNAQAINiKQVnIoi+jHQ7Mlb+nCUz
6dbHgJnM9aQ9hhq0YbSDb7g8uYJxcbtehXQ6MYyv6mSH+utq6ynQEdZi/RzizYIR
NC4tD/+7jOiHubX/NKVDwVMkKEM/xObrUrkCtM5icnj9K5hkyxbji/TmmYc0mYBH
7eeg3g6CsAkPHbfmhZz40LHh50yuWIn99LUOcgs7mGs9xsei/d1/PSNOONCMDpma
LHLyjNQwekiEt3r3ERHwSiUJKYGn5i065W0UpDuL9NU2E/LsnESQtgniOCjNj524
s7VYDgR9WVZKXX7BHkcDOWYTewI69Sz7gnNiJLhrFMYSCXLzK7CAoaqho6hEKnRV
4GF+cfMtbTBn84c/Iiu8Oq4afPQo9Z7lAqK7vRvZrzib4lXrU4XUogWE57sHTmaD
uSjHH0DYOH7ZDgWIRHUGFprxPb+vc8POWS2zkZ7M6F7Id+h/t/Omhom6qhs+LTOD
LRmGwtP1put+NZB+Jxgm1NPJdwISxRWWw6VUWXDxPdw6zN8uteVOdZE5ZLtjEHNS
hXQpgkAYCxtnU9sSAQ5ZseIVmv009T5+nuGj8nlhaKf7+snAyBmLB0EnO0Ly6RnS
pZu17TnN7xo+RhN3ESL4Znu3lSPKEQtcy58fkP9tqBzptzT7W6khQ3hJ6Gu43X26
2kfsHlqO6fTtfL8zvOn2
=mNKu
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.