This mail is just to confirm the second bug that Nico discovered,
executing code from a file called /tmp/gambas-apt-exec.
There was not a bug number on Debian for this issue, but it has also
been fixed in the same upload that fixed #476588.
Regards.
José L.
El jue, 17-04-2008 a las 21:23 +0200,
Package: aptlinex
Severity: normal
Tags: security
Hi,
looking at the code of aptlinex because of #476572 I
stumbled over another security issue:
Insecure temporary file usage in ModMain.module:
90 IF User.Name <> "root" THEN
91 'EXEC [graphicalSu(), "gambas-apt.gambas", User.Name, Buf] W
2 matches
Mail list logo
