patch / CVE-2018-1000156
Not sure I understand this comment from dla-needed.txt:
NOTE: 20180407: of a rabbit-hole with respect all the newer "safe_"
foo. I suspect if we can just avoid calling
NOTE: 20180407: make_tempfile (from src/util.c) and safe_unlink (from
src/safe.c) then we can avoid most of this. (lamby)
The patch - good version at
http://git.savannah.gnu.org/cgit/patch.git/commit/?id=123eaff0d5d1aebe128295959435b9ca5909c26d
doesn't touch the files noted above.
What is this "rabbit-hole" being referred to?
--
Brian May <bam@debian.org>
Reply to: