cdrtools (4:2.0+a38-1ubuntu4) hoary; urgency=low

  * SECURITY UPDATE: Fix insecure temporary file handling.
  * 23_debug_tmpfile.dpatch:
    - rscsi/rscsi.c: Do not blindly open the temporary file for debugging
      (which defaults to being in /tmp), but check if it already exists and
      exit if so. This avoids symlink attacks.
    - rscsi/rscsi.dfl: Do not recommend using /tmp/ as the output directory for
      debugging, to avoid DoS situations when the temporary file already
      exists.
    - Note: Debugging is disabled by default.
    - Thanks to Javier Fernández-Sanguino Peña <email address hidden> for spotting
      this and for the patch.
    - References:
      http://bugs.debian.org/291376

 -- Martin Pitt <email address hidden>  Thu, 24 Mar 2005 10:20:03 +0100
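The following is an added illustration of the two open patterns this entry contrasts; it is not cdrtools code and not the contents of 23_debug_tmpfile.dpatch. Function names, the scratch directory and the planted file are constructed for the demonstration. The hardened open goes slightly beyond the "check if it already exists and exit" described above by also passing O_NOFOLLOW, so a symlink at the path is refused even if it is created between a separate existence check and the open.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Vulnerable pattern (hypothetical stand-in for the pre-patch behaviour):
 * fopen() with "w" follows a symlink already sitting at the path and
 * truncates whatever it points to, with the daemon's privileges. */
FILE *open_debug_log_unsafe(const char *path)
{
    return fopen(path, "w");
}

/* Hardened pattern: create the file atomically and refuse if anything is
 * already there.  O_EXCL makes open() fail with EEXIST instead of reusing
 * the entry, O_NOFOLLOW rejects a symlink outright, and 0600 keeps the log
 * private.  Returns a descriptor, or -1 with errno set. */
int open_debug_log_safe(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

static long file_size(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1L;
}

/* Walks the scenario on a constructed scratch path and returns 0 when every
 * step behaves as described, or the number of the step that did not. */
int run_demo(void)
{
    char dir[64];
    char path[128];
    struct stat st;
    FILE *f;
    int fd;

    /* Scratch directory (constructed); fall back to the working directory
     * if /tmp is not writable in this environment. */
    strcpy(dir, "/tmp/rscsi_demo_XXXXXX");
    if (mkdtemp(dir) == NULL) {
        strcpy(dir, "./rscsi_demo_XXXXXX");
        if (mkdtemp(dir) == NULL)
            return 1;
    }
    snprintf(path, sizeof path, "%s/debug.log", dir);

    /* Plant a file at the path, standing in for a pre-existing /tmp entry. */
    if ((f = fopen(path, "w")) == NULL)
        return 2;
    fputs("planted before the daemon started\n", f);
    fclose(f);

    /* The hardened open refuses the existing entry and leaves it intact. */
    errno = 0;
    if (open_debug_log_safe(path) != -1 || errno != EEXIST)
        return 3;
    if (file_size(path) <= 0)
        return 4;

    /* The old open silently truncates it (with a symlink, its target). */
    if ((f = open_debug_log_unsafe(path)) == NULL)
        return 5;
    fclose(f);
    if (file_size(path) != 0)
        return 6;

    /* On a fresh path the hardened open succeeds with private permissions. */
    unlink(path);
    if ((fd = open_debug_log_safe(path)) < 0)
        return 7;
    if (fstat(fd, &st) != 0 || (st.st_mode & 0777) != 0600) {
        close(fd);
        return 8;
    }
    close(fd);

    unlink(path);
    rmdir(dir);
    return 0;
}

int main(void)
{
    int rc = run_demo();
    if (rc == 0)
        printf("all steps behaved as described\n");
    else
        printf("step %d did not behave as expected\n", rc);
    return rc;
}
```

The demonstration also shows why the rscsi.dfl change matters: with O_EXCL, a file that already exists at the configured path makes the open fail, so pointing debugging output at a shared directory trades the symlink problem for a denial-of-service one, which is why the entry recommends against /tmp/ and keeps debugging off by default.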