[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#482476: marked as done (Security: Unsafe lock file creation can be used to truncate arbitrary files)

Daniel Burrows <dburrows@debian.org> writes:

> On Wed, May 28, 2008 at 02:27:55PM +0000, Debian Bug Tracking System <owner@bugs.debian.org> was heard to say:
>> Changes: 
>>  apt (0.7.14) unstable; urgency=low
>
>   [snip]
>
>>    [ Otavio Salvador ]
>>    * Apply patch to avoid truncating of arbitrary files. Thanks to Bryan
>>      Donlan <bdonlan@fushizen.net> for the patch. Closes: #482476
>
>   Should this be urgency=high?  (as per the devref section 5.8.5.3)

Daniel, would you mind to contact security-team and prepare an upload too?

-- 
        O T A V I O    S A L V A D O R
---------------------------------------------
 E-mail: otavio@debian.org      UIN: 5906116
 GNU/Linux User: 239058     GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
---------------------------------------------
"Microsoft sells you Windows ... Linux gives
 you the whole house."
Reply to: