Hi, On 10/07/17 16:32, Gianfranco Costamagna wrote: > Hello Roger, > >> Here you go. Build and runtime tested.
Thanks for working on this. Does this take care of updating the permissions when the file already exists? Doesn't seem to from my quick standalone test with a simple C program. Maybe this ought to call chmod as well for existing installations. > we should really patch also jessie, stretch and sid, right? Yep, that'd be good. Currently this vulnerability is marked as no-dsa for stretch and jessie, so the security team may prefer that you fix this via a point release update, but please check with them. No excuse for not fixing this in sid though. :) Cheers, Emilio
