New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2015-0234 pki-core: pki-core 10.x: multiple /tmp/ file vulnerabilities [fedora-all] #1865
Comments
Comment from mharmsen (@mharmsen) at 2015-03-11 20:20:19 Reference material for this issue: |
Comment from mharmsen (@mharmsen) at 2015-03-13 18:42:48 Fix for /tmp/file vulnerabilities |
Comment from mharmsen (@mharmsen) at 2015-03-13 18:45:46 On 03/11/15, Ade Lee replied:
|
Comment from mharmsen (@mharmsen) at 2015-03-13 18:56:13 Based upon comment:4 above, the following email was sent to Kurt Seifried (the originator of the bug from whence this ticket was created):
As we await to hear back, we have deemed this ticket non-critical to the release of Dogtag 10.2.2 for Fedora 22, and may end up moving it forward to the Dogtag 10.2.3 milestone if it cannot be closed as WONTFIX. |
Comment from mharmsen (@mharmsen) at 2015-03-13 19:19:53 Per request from nkinder on 03/13/2015: 10.2.3 |
Comment from mharmsen (@mharmsen) at 2015-03-20 01:08:55 Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1183179 (Red Hat Certificate System) |
Comment from mharmsen (@mharmsen) at 2015-03-20 01:09:30 Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1183179 (Red Hat Certificate System) |
Comment from mharmsen (@mharmsen) at 2015-04-28 20:42:32 Per Dogtag 10.2.x TRIAGE meeting of 04/28/2015: 10.3 (not even certain if these are vulnerabilities) |
Comment from mharmsen (@mharmsen) at 2015-05-09 03:02:37 On 05/07/15 23:15, Kurt Seifried wrote:
|
Comment from mharmsen (@mharmsen) at 2017-02-27 13:58:46 Metadata Update from @mharmsen:
|
This issue was migrated from Pagure Issue #1303. Originally filed by mharmsen (@mharmsen) on 2015-03-10 01:32:02:
There are several temporary file creation vulnerabilities:
NOTE: So for Python you want mkstemp and mkdtemp from the tempfile module, for Perl mkstemp() and for C mkstemp() as well.
The text was updated successfully, but these errors were encountered: