Red Hat Bugzilla – Bug 182287
CVE-2003-1294 xscreensaver temporary file flaws
Last modified: 2007-11-30 17:06:55 EST
+++ This bug was initially created as a clone of Bug #182286 +++
Stan Bubrouski contacted jwz the maintainer of xscreensaver
and cc'd Red Hat security folks on 20031031 to report an
insecure temporary file flaw introduced in xscreensaver
version 4.14. This was due to a bit of debugging code that
got left in by mistake, it was removed in 4.15, and therefore
didn't affect any RHEL releases. This was CVE-2003-0885.
However SUSE then found some other suspect temporary file issues which also got
silently fixed in 4.15 release. I've applied for a CVE name for these.
-- Additional comment from firstname.lastname@example.org on 2006-02-21 12:03 EST --
Created an attachment (id=124968)
Proposed patch as used by SUSE
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.