[Ubuntu-x-swat] [Bug 1036211] Re: xdiagnose has a symlink attack due to improperly named file in /tmp

Launchpad Bug Tracker Tue, 02 Oct 2012 12:21:21 -0700

This bug was fixed in the package xdiagnose - 2.5.2ubuntu0.1

---------------
xdiagnose (2.5.2ubuntu0.1) precise-security; urgency=low


  * SECURITY UPDATE: fix insecure temporary file creation
    - xdiagnose/welcome.py: remove 'Archive' option and on_make_archive()
      as people should be using 'ubuntu-bug xorg' anyway. Patch thanks
      to Bryce Harrington.
    - CVE-2012-XXXX
    - LP: #1036211
 -- Jamie Strandboge <ja...@ubuntu.com>   Mon, 01 Oct 2012 17:04:28 -0500

** Changed in: xdiagnose (Ubuntu Precise)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to xdiagnose in Ubuntu.
https://bugs.launchpad.net/bugs/1036211

Title:
  xdiagnose has a symlink attack due to improperly named file in /tmp

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xdiagnose/+bug/1036211/+subscriptions

_______________________________________________
Mailing list: https://launchpad.net/~ubuntu-x-swat
Post to     : ubuntu-x-swat@lists.launchpad.net
Unsubscribe : https://launchpad.net/~ubuntu-x-swat
More help   : https://help.launchpad.net/ListHelp

[Ubuntu-x-swat] [Bug 1036211] Re: xdiagnose has a symlink attack due to improperly named file in /tmp

Reply via email to