patch-2.5.4 mktemp fix

Robert Connolly cendres at videotron.ca
Thu Jan 15 16:46:51 PST 2004


On January 15, 2004 06:03 pm, Radosław Krahl wrote:
> I have done a little patch which fixes the mktemp vulnerability in
> patch-2.5.4a, so it now uses mkstemp instead now. I don't know if this is
> so important, but if we patch ed against this vulnerability, then why we
> leave it in patch, which is used much often. Anyway, here it is. It isn't
> too clean, but it works. If you find it useful, use it :).
> And sorry for my terrible english.

Patch-2.5.4 has a buffer overflow fixed in 2.5.9. There's also patches out for 
it.




More information about the hlfs-dev mailing list