patch / CVE-2018-1000156
Not sure I understand this comment from dla-needed.txt:
NOTE: 20180407: of a rabbit-hole with respect all the newer "safe_"
foo. I suspect if we can just avoid calling
NOTE: 20180407: make_tempfile (from src/util.c) and safe_unlink (from
src/safe.c) then we can avoid most of this. (lamby)
The patch - good version at
doesn't touch the files noted above.
What is this "rabbit-hole" being referred to?
Brian May <firstname.lastname@example.org>