|
Message-ID: <20131127121009.GC24442@suse.de> Date: Wed, 27 Nov 2013 13:10:09 +0100 From: Sebastian Krahmer <krahmer@...e.de> To: oss-security@...ts.openwall.com Subject: Re: CVE request: hplip insecure temporary file handling in pkit.py Hi, Funny. I just told upstream about that yesterday: https://bugzilla.novell.com/show_bug.cgi?id=852368 I think hplip could deserve a deeper look. Sebastian On Wed, Nov 27, 2013 at 12:46:54PM +0100, Raphael Geissert wrote: > Hi, > > On 27 November 2013 12:22, Ratul Gupta <ratulg@...hat.com> wrote: > > Hello, > > > > A temporary file handling flaw was found in hplip/pkit.py. > > > > References: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725876 > > Thanks for sending the request, I was waiting for the problem to be > confirmed but later forgot about it. > > > Can a CVE please be assigned if one has not been already? > > None has been assigned as far as I'm aware of. > > Cheers, > -- > Raphael Geissert - Debian Developer > www.debian.org - get.debian.net -- ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.