[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: temporary file race in texindex (was: CAN number)
|
From: |
Martin Pitt |
|
Subject: |
Re: temporary file race in texindex (was: CAN number) |
|
Date: |
Wed, 28 Sep 2005 16:20:45 +0200 |
|
User-agent: |
Mutt/1.5.9i |
Hi Frank!
Frank Küster [2005-09-28 16:11 +0200]:
> The current version, 4.8, is as well vulnerable:
>
> address@hidden:~$ diff -u
> src/packages_for_sponsoring/texinfo-4.{7,8}/util/texindex.c
> --- src/packages_for_sponsoring/texinfo-4.7/util/texindex.c 2004-03-18
> 23:26:53.000000000 +0100
> +++ src/packages_for_sponsoring/texinfo-4.8/util/texindex.c 2004-04-11
> 19:56:47.000000000 +0200
> @@ -1,5 +1,5 @@
> /* texindex -- sort TeX index dribble output into an actual index.
> - $Id: texindex.c,v 1.3 2004/03/18 22:26:53 karl Exp $
> + $Id: texindex.c,v 1.11 2004/04/11 17:56:47 karl Exp $
>
> Copyright (C) 1987, 1991, 1992, 1996, 1997, 1998, 1999, 2000, 2001,
> 2002, 2003, 2004 Free Software Foundation, Inc.
Lol, I hope this is not the only difference between the versions. :-)
> I have no idea whether and how I can (request to) change the info in
> the CVE database.
You can mail address@hidden and explain the issue, they will correct
it.
Thanks!
Martin
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian Developer http://www.debian.org
signature.asc
Description: Digital signature