[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#302412: exploitable temporary file race in unshar (fwd)

From: Bruce Korb
Subject: Re: Bug#302412: exploitable temporary file race in unshar (fwd)
Date: Sat, 30 Apr 2005 07:53:57 -0700
User-agent: KMail/1.7.1

On Thursday 31 March 2005 05:30 pm, Santiago Vila wrote:
> On Thu, 31 Mar 2005, Bruce Korb wrote:
> > Wrong assumption.  It was announced on info-gnu.
> May I suggest that sharutils 4.3.77 and 4.3.78 are not put in directories
> named "4.3.77" and "REL-4.3.78", then? The current layout is a little
> bit misleading.
> > These new issues will get faster action with a suggested patch :-).
> Ok, here is a patch that maybe you can accept:

Thank you, Santiago.  I guess I couldn't accept your patch anyway,
but it did get me to the right hunk of code to look at.  Thanks!
There were more theoretical problems with multi-K file name lengths
and the "name_buffer" so I reworked all that stuff.  Rats!  I just
saw that I neglected to unlink the silly thing.  I guess I'll release
again....  Cheers - Bruce

reply via email to

[Prev in Thread] Current Thread [Next in Thread]