Re: sharutils: pending release of 4.6.3

bug-gnu-utils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sharutils: pending release of 4.6.3

From:	Santiago Vila
Subject:	Re: sharutils: pending release of 4.6.3
Date:	Thu, 18 May 2006 02:02:32 +0200 (CEST)

On Wed, 17 May 2006, Pavel Roskin wrote:

> "If an attacker can convince a user to invoke uudecode on a malicious
> file without reviewing the included file name, the attacker can cause
> the user to overwrite any file accessible by the user."

Hmm, this is similar to http://bugs.debian.org/149454.

Isn't this a feature more than a bug?

[Prev in Thread]

Current Thread

[Next in Thread]

sharutils: compilation failure with Sun C on Linux, Bruno Haible, 2006/05/10
- Re: sharutils: compilation failure with Sun C on Linux, Bruce Korb, 2006/05/14
  - Re: sharutils: pending release of 4.6.3, Bruce Korb, 2006/05/14
    - Re: sharutils: pending release of 4.6.3, Pavel Roskin, 2006/05/17
    - Re: sharutils: pending release of 4.6.3, Bruce Korb, 2006/05/17
    - Re: sharutils: pending release of 4.6.3, Santiago Vila <=
    - Re: sharutils: security issue, Bruce Korb, 2006/05/18
  - Re: sharutils: compilation failure with Sun C on Linux, Paul Eggert, 2006/05/15
    - Message not available
    - Re: sharutils: patch for dirent.h, Bruce Korb, 2006/05/15

Prev by Date: Re: sharutils: pending release of 4.6.3
Next by Date: Re: sharutils: security issue
Previous by thread: Re: sharutils: pending release of 4.6.3
Next by thread: Re: sharutils: security issue
Index(es):
- Date
- Thread