On Thu, Jan 08, 2009 at 11:20:43PM +0000, Adam D. Barratt wrote: > The devscripts package in etch has an insecure temporary directory issue > when signing files which are copied from a remote machine; see #507482. > > The security team don't consider this to warrant a DSA - would it be > suitable for a stable update? I've attached a minimal debdiff. Would be acceptable, but I wonder if the usage of $TEMP_DIR after cd and rm should be quoted? Kind regards, Philipp Kern -- .''`. Philipp Kern Debian Developer : :' : http://philkern.de Release Assistant `. `' xmpp:phil@0x539.de Stable Release Manager `- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature