Bug 137966

Summary: CAN-2004-0974 temporary file vulnerabilities in etc2ps.sh
Product: [Fedora] Fedora Reporter: Mark J. Cox <mjc>
Component: netatalkAssignee: Charlie Bennett <ccb>
Status: CLOSED RAWHIDE QA Contact:
Severity: low Docs Contact:
Priority: medium    
Version: 2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: public=20040930,impact=low
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-12-06 20:20:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Proposed patch none

Description Mark J. Cox 2004-11-03 13:30:04 UTC 
On September 10th 2004, Trustix shared some temporary file
vulnerabilities with vendor-sec.  After some refinement these were
made public on Sep30.  These are minor issues (impact: LOW) 

Temporary file vulnerability in etc2ps.sh  Patch attached.  These
issues also affect FC3.
Comment 1 Mark J. Cox 2004-11-03 13:31:18 UTC 
Created attachment 106118 [details]
Proposed patch
Comment 2 Charles Dostale 2004-11-04 16:31:48 UTC 
This is fixed upstream in netatalk 1.6.4a.

Please consider netatalk 2.0.1 for FC4, it supports file names longer
than 31 characters.
Comment 3 Charlie Bennett 2004-12-06 20:20:14 UTC 
Update released for FC2 (#505) and FC3 (#506).