severity 317027 normal tags 317027 +pending thanks On Tue, Jul 05, 2005 at 07:40:18PM +0200, Moritz Muehlenhoff wrote: > Package: ekg > Severity: important > Tags: security > > ekg creates temporary files in a predictable manner, which can be > exploited through a symlink attack. For full details please have > at look at http://www.zataz.net/adviso/ekg-06062005.txt
Thanks for the notice. I read bugtraq and SF anyway though. The severity seems a bit high, as this is only a contributed example script, and is not installed on $PATH. The upstream has not decided yet what to do about this. I'll try to fix it (and other scripts having even bigger flaws) today. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
