Bug#414237: lintian: Uses insecure temporary file /tmp/debug in objdump-info

To: Josh Triplett <josh@freedesktop.org>
Cc: 414237@bugs.debian.org
Subject: Bug#414237: lintian: Uses insecure temporary file /tmp/debug in objdump-info
From: Russ Allbery <rra@debian.org>
Date: Fri, 09 Mar 2007 22:52:07 -0800
Message-id: <[🔎] 87abylbnfs.fsf@windlord.stanford.edu>
Reply-to: Russ Allbery <rra@debian.org>, 414237@bugs.debian.org
In-reply-to: <[🔎] 20070310062156.17125.5785.reportbug@josh-mobile> (Josh Triplett's message of "Fri, 09 Mar 2007 22:21:56 -0800")
References: <[🔎] 20070310062156.17125.5785.reportbug@josh-mobile>

Josh Triplett <josh@freedesktop.org> writes:

> Package: lintian
> Version: 1.23.27
> Severity: grave
> Tags: security patch
> Justification: user security hole

> The lintian collection script objdump-info uses the insecure temporary
> file /tmp/debug.

Gah.  Yes, this is entirely my fault.  Uploading a new version now with a
minimal fix for migration into testing.  I added this in the process of
fixing an earlier bug and clearly missed the debugging code when I
committed the fix.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Bug#414237: lintian: Uses insecure temporary file /tmp/debug in objdump-info
  - From: Josh Triplett <josh@freedesktop.org>

Prev by Date: lintian: r830 - branches
Next by Date: lintian: r831 - in branches/etch: collection debian
Previous by thread: Bug#414237: lintian: Uses insecure temporary file /tmp/debug in objdump-info
Next by thread: Bug#414237: marked as done (lintian: Uses insecure temporary file /tmp/debug in objdump-info)
Index(es):
- Date
- Thread