blob: 40fa8b73179cde720510a78addad7676abbc5a96 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>It has been reported that arts uses the insecure mktemp() function
to create the temporary directory it uses to host user-specific sockets.
It is thus possible for another user to hijack this temporary directory
and gain IPC access it should not have.</p>
<p>In Debian 6 <q>Squeeze</q>, this issue has been addressed in arts
1.5.9-3+deb6u1 with the use of the safer mkdtemp() function.
We recommend that you upgrade your arts packages.</p>
<p>Other Debian releases do not have the arts package.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2015/dla-366.data"
# $Id$
|