[policyd-weight] [CVE-2008-1569, CVE-2008-1570] insecure temporary files
Bug #210150 reported by
disabled.user
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Edgy Backports |
Invalid
|
Undecided
|
Unassigned | ||
| policyd-weight (Gentoo Linux) |
Fix Released
|
Low
|
|||
| policyd-weight (Ubuntu) |
Fix Released
|
Undecided
|
William Grant | ||
| Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
| Gutsy |
Won't Fix
|
Undecided
|
Unassigned | ||
| Hardy |
Fix Released
|
Undecided
|
William Grant | ||
Bug Description
Binary package hint: policyd-weight
References:
DSA-1531-2 (http://
Quoting:
"Chris Howells discovered that policyd-weight, a policy daemon for the Postfix mail transport agent, created its socket in an insecure way, which may be exploited to overwrite or remove arbitary files from the local system."
| Changed in policyd-weight: | |
| assignee: | nobody → fujitsu |
| status: | New → In Progress |
| status: | New → Confirmed |
| status: | New → Confirmed |
| Changed in edgy-backports: | |
| status: | New → Confirmed |
| Changed in policyd-weight: | |
| status: | Unknown → Confirmed |
Revision history for this message
| William Grant (wgrant) wrote | #1 |
| Changed in policyd-weight: | |
| status: | In Progress → Fix Released |
| Changed in policyd-weight: | |
| status: | Confirmed → Fix Released |
Revision history for this message
| Michael Casadevall (mcasadevall) wrote none | #2 |
| Changed in edgy-backports: | |
| status: | Confirmed → Invalid |
| Changed in policyd-weight: | |
| status: | Confirmed → Won't Fix |
Revision history for this message
| Sergio Zanchetta (primes2h) wrote | #4 |
| Changed in policyd-weight (Ubuntu Gutsy): | |
| status: | Confirmed → Won't Fix |
| Changed in policyd-weight (Gentoo Linux): | |
| importance: | Unknown → Low |
To post a comment you must log in.
Fixed in 0.1.14.17-1 in Hardy.