Bug#414237: lintian: Uses insecure temporary file /tmp/debug in objdump-info
Josh Triplett <josh@freedesktop.org> writes:
> Package: lintian
> Version: 1.23.27
> Severity: grave
> Tags: security patch
> Justification: user security hole
> The lintian collection script objdump-info uses the insecure temporary
> file /tmp/debug.
Gah. Yes, this is entirely my fault. Uploading a new version now with a
minimal fix for migration into testing. I added this in the process of
fixing an earlier bug and clearly missed the debugging code when I
committed the fix.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: