Bug#756432: CVE request: Gummi

2015-10-08 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > release is 0.6.5. > > The program uses predictable filenames for files in /tmp, which produces a > race > condition > > I'm Debian maintainer for this software. > > https://bugs.debian.org/756432 Use CVE-2015-7758. Note that the discussion re

Bug#782515: TCP Fast Open local DoS in some Linux stable branches - Linux kernel

2015-04-17 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > There is a local DoS triggered by use of the TCP Fast Open option, > specific to Linux stable branches, as a result of an incompletely > backported bug fix: > > https://bugs.debian.org/782515 > http://thread.gmane.org/gmane.linux.network/359588 > T

Bug#782561: Buffer overruns in Linux kernel RFC4106 implementation using AESNI

2015-04-17 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Linux kernel commit ccfe8c3f7e52 ("crypto: aesni - fix memory usage in > GCM decryption") fixes two bugs in pointer arithmetic that lead to > buffer overruns (even with valid parameters!): > > https://git.kernel.org/linus/ccfe8c3f7e52ae83155cb038753

Bug#772008: CVE request: mpfr: buffer overflow in mpfr_strtofr

2015-01-03 Thread cve-assign
On Tue, 30 Dec 2014, Moritz Muehlenhoff wrote: On Mon, Dec 08, 2014 at 01:45:12PM +0100, Vasyl Kaigorodov wrote: Hello, A buffer overflow was reported [1] in mpfr. This is due to incorrect GMP documentation for mpn_set_str about the size of a buffer (discussion is at [1]; first fix in the GMP

Bug#771125: CVE request: mutt: heap-based buffer overflow in mutt_substrdup()

2014-11-26 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771125 > mutt segfaults when trying to show the attached message. (You might need > to disable header weeding to trigger the crash.) Use CVE-2014-9116. - -- CVE assignment team, MITRE CVE Numberin

Bug#768369: Stack smashing in libjpeg-turbo

2014-11-26 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 > > I created a minimal test case in around 200 lines. > > It uses a file with the intercepted scanlines of the calls to > jpeg_write_scanlines. > > Also the Exif marker is read from su

Bug#770222: CVE request: icecast: possible leak of on-connect scripts

2014-11-20 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > It was reported that Icecast could possibly leak the contents of > on-connect scripts to clients, which may contain sensitive information. > This issue has been fixed in the 2.4.1 release: > "Fix on-connect and on-disconnect script STDIN/STDOUT/STDE

Bug#767227: CVE request: lsyncd command injection

2014-11-19 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > There is a command injection flaw in lsyncd, a file change monitoring > and synchronization daemon: > > https://github.com/axkibe/lsyncd/issues/220 > > https://github.com/creshal/lsyncd/commit/18f02ad013b41a72753912155ae2ba72f2a53e52 > > https://b

Bug#725847: Requesting a CVE for pip - Local DoS with predictable temp directory names

2014-11-19 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > because the build directory is predictable a local DoS is possible > simply by creating a /tmp/pip-build-/ directory owned by > someone other than the defined user > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725847 > https://github.com/pyp

Bug#759282: CVE request: php-pear, pear's insecure /tmp/ use for cache data

2014-08-26 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282 Use CVE-2014-5459.

Bug#756566: CVE Request: XML-DT: Insecure use of temporary files

2014-08-15 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > mkdtskel and mkxmltype use temporary files insecurely, using the pid > of the process in the temporary file name. > > /tmp/_xml_$$ > > https://bugs.debian.org/756566 Use CVE-2014-5260. > fixed in XML-DT 0.65 upstream, see > > https://metacpan.

Bug#754899: CVE request: rawstudio: Insecure use of temporary file

2014-07-16 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > rs_filter_graph in librawstudio/rs-filter.c > > /tmp/rs-filter-graph > /tmp/rs-filter-graph.png > > This allows the truncation of arbitrary files Use CVE-2014-4978.

Bug#752395: CVE request: python: _json module is vulnerable to arbitrary process memory read

2014-06-23 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > The bug is caused by allowing the user to supply a negative index > value. > http://bugs.python.org/issue21529 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395 > https://bugzilla.redhat.com/show_bug.cgi?id=1112285 > https://hackerone.com/r

Bug#751417: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS

2014-06-17 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > According to the manual page, after calling it with 1 as a second > argument, any consecutive system calls other than read(), write(), > _exit() and sigreturn() should result in the delivery of SIGKILL. > However, under MIPS any consecutive system ca

Bug#736066: A number of EncFS issues

2014-05-13 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://defuse.ca/audits/encfs.htm > the last one sounds CVE worthy Use CVE-2014-3462 for that issue, i.e., 'The purpose of MAC headers is to prevent an attacker with read/write access to the ciphertext from being able to make changes without being

Bug#746322: CVE request: Python Bottle JSON content-type not restrictive enough

2014-05-01 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746322 and > https://github.com/defnull/bottle/issues/616 report an issue where > Bottle treated "text/plain;application/json" as JSON, allowing security > mechanisms to be bypassed. Use CVE-2014-313

Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility

2014-04-18 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Jakub Wilk discovered that clang's scan-build utility insecurely handled > temporary files. > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817 > The GetHTMLRunDir subroutine ... > > 3) The function doesn't fail if the directory already e

Bug#741659: CVE request: kdirstat, insufficient quote escaping leading to arbitrary command execution

2014-03-18 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > The Debian report is about single quotes. On Fedora > (https://bugzilla.redhat.com/show_bug.cgi?id=1077059) double quotes were > needed. The recent upstream patch: https://bitbucket.org/jeromerobert/k4dirstat/commits/1ad2e96d73fa06cd9be0f3749b33

Bug#740670: possible CVE requests: perltidy insecure temporary file usage

2014-03-08 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Use CVE-2014-2277 for the issue in which, on all platforms, the filename string returned by make_temporary_filename might be used for an attacker's symlink before that filename is used by the perltidy code to write lines into a file. > $^O =~ /win32|d

Bug#739536: xfe: directory masks ignored when creating new files on Samba and NFS

2014-02-24 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536 > From brief testing on Fedora with Samba and the "create mask" smb.conf > option, this issue only presented when running xfe as the root user. The > intended mask was used when running xfe

Bug#736969: (possible) CVE request: suPHP 0.7.2 release fixed a possible arbitrary code execution

2014-02-09 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > suPHP 0.7.2 has been released. > This release fixes a security issue that was introduced with the 0.7.0 > release. This issue affected the source-highlighting feature and could > only be exploited, if the suPHP_PHPPath option was set. In this case >

Bug#737778: CVE request: f2py insecure temporary file use

2014-02-07 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Jakub Wilk reported insecure temporary file use in f2py. > > numpy/f2py/__init__.py contains this code: > > fname = os.path.join(tempfile.mktemp()+'.f') > > f = open(fname,'w') > > Can a CVE please be assigned if one hasn't been a

Bug#737835: CVE Request: Capture::Tiny: insecure use of /tmp

2014-02-06 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > open("/tmp/5KKGPDNyy0", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, Use CVE-2014-1875.

Bug#737385: CVE request: a2ps insecure temporary file use

2014-02-05 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 >> https://bugzilla.redhat.com/show_bug.cgi?id=1060630#c5 >> * Mon Feb 12 2001 Tim Waugh >> - Fix tmpfile security patch so that it actually _works_ (bug #27155). >> And notes >> http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.

Bug#737385: CVE request: a2ps insecure temporary file use

2014-02-04 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > https://bugzilla.redhat.com/show_bug.cgi?id=1060630#c5 > > * Fri Jan 05 2001 Preston Brown > - security patch for tmpfile creation from Olaf Kirch > > followed the next month by a fix to that patch: > > * Mon Feb 12 2001 Tim Waugh > - Fix tmpfi

Bug#736958: CVE request: temporary file issue in Passenger rubygem

2014-01-30 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > If a local attacker can predict this filename, and precreates a > symlink with the same filename that points to an arbitrary directory > with mode 755, owner root and group root, then the attacker will > succeed in making Phusion Passenger write file

Bug#736247: Fwd: [Python-modules-team] Bug#736247: python-xdg: get_runtime_dir(strict=False): insecure use of /tmp

2014-01-21 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > as reported by Jakub Wilk in http://bugs.debian.org/736247, there is a > TOCTOU failure in python's xdg module > > 1) Create symlink /tmp/pyxdg-runtime-dir-fallback-victim, pointing to a > directory owned by the victim Use CVE-2014-1624.

Bug#683338: CVE request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference

2014-01-07 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > http://www.openwall.com/lists/oss-security/2014/01/07/10 > gdm3 needs one also > Basically, when gdm3 is configured to not show a list of users (but > instead shows a blank box for the login prompt), if the user clicks > "cancel" or hits the escape

Bug#732283: CVE Request: Proc::Daemon writes pidfile with mode 666

2013-12-17 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > christian mock has reported[1] that Proc::Daemon, when > instructed to write a pid file, does that with a umask set to 0, so > the pid file ends up with world-writable permissions. > > Upstream bugreport is at [2]. > > [1] http://bugs.debian.org/

Bug#731848: CVE Request: ack-grep: potential remote code execution via per-project .ackrc files

2013-12-11 Thread cve-assign
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > This version of ack prevents the --pager, --regex and --output > options from being used from project-level ackrc files. It is > possible to execute malicious code with these options Use CVE-2013-7069.