Bug#1029913: Fwd: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

2023-02-24 Thread Hilmar Preuße
On 2/15/23 18:51, Frank Heckenbach wrote: Hi Frank, Of course, chdir into /tmp is a bit risky as any file creation before the next chdir would be susceptible to the same problem, but I assume you made sure this won't happen. BTW, when I looked at the changes made, I noticed this:

Bug#1029913: Fwd: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

2023-02-15 Thread Frank Heckenbach
Siep Kroonenberg wrote: > The problem was that the test was specifically for a file rather > than for any filesystem item. > > In the updated TL package, the test has been removed altogether > since there was already a later test for successful generation of a > temp subdirectory. > > The

Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

2023-02-15 Thread Hilmar Preuße
On 29.01.2023 at 00:00, Frank Heckenbach wrote: Hello Frank, Package: texlive-pictures Version: 2020.20210202-3 Severity: grave File: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu Classic /tmp write vulnerability: function dir_writable writes to "/tmp/1" (and if this fails,

Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

2023-01-30 Thread Hilmar Preuße
Control: tags -1 + help On 29.01.2023 at 00:00, Frank Heckenbach wrote: Hi, Classic /tmp write vulnerability: function dir_writable writes to "/tmp/1" (and if this fails, "/tmp/2" etc.) without sufficient checks. Harmless demonstration: % mkfifo /tmp/1 % epspdf /etc/hostname /dev/null

Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

2023-01-28 Thread Frank Heckenbach
Package: texlive-pictures Version: 2020.20210202-3 Severity: grave File: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu Classic /tmp write vulnerability: function dir_writable writes to "/tmp/1" (and if this fails, "/tmp/2" etc.) without sufficient checks. Harmless demonstration: %