CVE-2008-5138 pam_mount insecure tempfile creation - to update or not?
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Hiyas, there was a bug report opened because of an possible vulnerability in pam_mount, which I would not really consider one. Because it cannot be triggered under normal circumstances because the script would fail before an insecure tempfile is used. More details are available here: https://bugzilla.redhat.com/show_bug.cgi?id=472109#c2 The question is now, whether I should update the package without the affected script to make everyone aware of this or just keep it as is. Regards, Till
Description: This is a digitally signed message part.
-- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
[Home] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Coolkey] [Fedora Tools]