Red Hat Bugzilla – Bug 136319
CAN-2004-0968 temporary file vulnerabilities in catchsegv script
Last modified: 2007-11-30 17:10:52 EST
On September 10th 2004, Trustix shared some temporary file
vulnerabilities with vendor-sec. After some refinement these were
made public on Sep30. These are minor issues (impact: LOW) and
therefore should be fixed in future updates, but don't deserve their
own security advisory.
Temporary file vulnerability in catchsegv. Patch attached to bug 136318
For FC3, this is fixed in glibc-2.3.3-71 and above (FC3 will likely
ship with glibc-2.3.3-73).
For FC2 there is a testing errata glibc-2.3.3-27.1.
The FC2 was released yesterday to ftp, the announcement in currently pending
FC3 already contains the fixes.