Nikolaus Schulz wrote:
> Package: libid3-3.8.3c2a
> Version: 3.8.3-6
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
>
> when tagging file $foo, a temporary copy of the file is created, and for some
> reason, libid3 doesn't use mkstemp but just creates $foo.XX
Package: libid3-3.8.3c2a
Version: 3.8.3-6
Severity: grave
Tags: security
Justification: user security hole
Hi,
when tagging file $foo, a temporary copy of the file is created, and for some
reason, libid3 doesn't use mkstemp but just creates $foo.XX literally,
without any checking.
This wou
2 matches
Mail list logo