Hi all, Attached are the following two patches in a git-friendly mbox format: lintian_enhanced_possibly-insecure-handling-of-tmp-files-in-maintainer-script.patch: Requires the tmp dir name to have a name thus reducing the number of false positives and allowing to check for = /tmp/foo thus also decreasing the number of false negatives (or at least I hope it does). It no longer ignores mkdir as it may also suffer from attacks when the error is ignored, compacts the mktemp/mkstemp checks and ignores the line if $RANDOM is present. lintian_maintainer-also-in-uploaders.patch: Added to detect situations where the person in the Maintainer field is also in Uploaders. Cheers, -- Atomo64 - Raphael Please avoid sending me Word, PowerPoint or Excel attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Attachment:
lintian_enhanced_possibly-insecure-handling-of-tmp-files-in-maintainer-script.patch
Description: application/mbox
Attachment:
lintian_maintainer-also-in-uploaders.patch
Description: application/mbox