Processing commands for cont...@bugs.debian.org:
> retitle 911877 crossroads: CVE-2018-18654: package build vulnerable to
> insecure use of /tmp
Bug #911877 [src:crossroads] crossroads: package build vulnerable to /tmp
Changed Bug title to 'crossroads: CVE-2018-18654: package build vulnerable to
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 25 Oct 2018 21:07:17 -0400
Source: abiword
Binary: abiword-common abiword abiword-plugin-grammar libabiword-3.0
libabiword-dev gir1.2-abi-3.0
Architecture: source
Version: 3.0.2-8
Distribution: unstable
Urgency:
abiword_3.0.2-8_source.changes uploaded successfully to localhost
along with the files:
abiword_3.0.2-8.dsc
abiword_3.0.2-8.debian.tar.xz
abiword_3.0.2-8_amd64.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
Processing commands for cont...@bugs.debian.org:
> tags 911877 + upstream
Bug #911877 [src:crossroads] crossroads: package build vulnerable to /tmp
Added tag(s) upstream.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
911877: https://bugs.debian.org/cgi-bin/bugre
Source: crossroads
Version: 2.81-2
Severity: serious
Tags: security
crossroads's xr/Makefile has:
| $(BINDIR)/xr: $(BIN)
| cp $(BIN) $(TMPXR)
| install $(TMPXR) $(BINDIR)/xr
| rm -f $(TMPXR)
where
| TMPXR = /tmp/xr-$(shell whoami)
Jakub Wilk observed that a malicious
Source: pytest-localserver
Version: 0.3.7-2
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:python3-defaults
[X-Debbugs-CC: debian...@lists.debian.org,
python3-defau...@packages.debian.org]
Dear maintainers,
With a recent upload of python3-defaults the autopkgtest
Processing control commands:
> affects -1 src:python3-defaults
Bug #911836 [src:pytest-localserver] pytest-localserver: autopkgtest needs
update for new version of openssl
Added indication that 911836 affects src:python3-defaults
--
911836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=9118
7 matches
Mail list logo
