registry team mailing list archive

Thread
Date

[Bug 538471] Re: autokey: insecure use of temporary files (Data Corruption, Local Denial of Service)

To: registry@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <538471@xxxxxxxxxxxxxxxxxx>
Date: Thu, 13 May 2010 07:03:20 -0000
Reply-to: Bug 538471 <538471@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package autokey - 0.54.5-1ubuntu0.3

---------------
autokey (0.54.5-1ubuntu0.3) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwriting via symlinks (LP: #538471)
    - Store files for the EvDev daamon in FHS-specified locations
    - debian/autokey.init: Set pidfile path to '/var/run/autokey-daemon.pid'
    - src/lib/interface.py: Set DOMAIN_SOCKET_PATH to "/var/run/autokey-daemon"
    - CVE-2010-0398
 -- Luke Faraone <luke@xxxxxxxxxx>   Sat, 13 Mar 2010 17:14:24 -0500

** Changed in: autokey (Ubuntu Karmic)
       Status: Fix Committed => Fix Released

-- 
autokey: insecure use of temporary files (Data Corruption, Local Denial of Service)
https://bugs.launchpad.net/bugs/538471
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.