This information came from Marcus Meissner of SUSE:

Sebastian Krahmer of SUSE audited Mono and found a tempfile race condition in the Mono Core libraries, in mcs/class/System/System.CodeDom.Compiler/TempFileCollection.cs.

The diff (actually there are 2 commits) to fix it is here: http://svn.myrealbox.com/viewcvs/trunk/mcs/class/System/System.CodeDom.Compiler/TempFileCollection.cs?rev=65441&r1=57836&r2=65441

I have only looked at them briefly, but the fix looks OK.

This can be used by a local attacker, for instance with the help of System.Xml.Serialization (SerializationCodeGenerator.cs), which compiles .cs code into .dlls on the fly, to inject code into a running Mono process.
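
The class of bug described in the report above, as an added example that is not part of the original report and is not Mono's code or its patch: a predictable file name in a shared directory, beside creation inside an owner-only directory with `O_EXCL`. The function names, the file names and the scenario in `demo()` are constructed for illustration, and a POSIX system is assumed.

```python
import os
import tempfile

def create_predictable(shared_dir, name, data):
    """Unsafe: fixed name in a shared directory, opened without O_EXCL.
    Follows symlinks and reuses whatever already sits at the path."""
    path = os.path.join(shared_dir, name)
    with open(path, "wb") as f:
        f.write(data)
    return path

def create_exclusive(shared_dir, name, data):
    """Hardened: owner-only directory with a random name (mkdtemp, mode 0700),
    then O_CREAT|O_EXCL so creation fails if the path is already occupied."""
    private_dir = tempfile.mkdtemp(prefix="build-", dir=shared_dir)
    path = os.path.join(private_dir, name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def exclusive_open_refuses(path):
    """True if an O_EXCL create is rejected because the path already exists."""
    try:
        os.close(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600))
    except FileExistsError:
        return True
    return False

def demo():
    """Constructed scenario: the predictable name is already taken by a
    symlink pointing at another file before the program creates its source."""
    with tempfile.TemporaryDirectory() as shared:
        other = os.path.join(shared, "other-file")
        with open(other, "wb") as f:
            f.write(b"original")
        os.symlink(other, os.path.join(shared, "gen.cs"))

        create_predictable(shared, "gen.cs", b"class A {}")
        with open(other, "rb") as f:
            redirected = f.read() == b"class A {}"  # write went through the link

        refused = exclusive_open_refuses(os.path.join(shared, "gen.cs"))
        safe = create_exclusive(shared, "gen.cs", b"class A {}")
        dir_mode = os.stat(os.path.dirname(safe)).st_mode & 0o777
        file_mode = os.stat(safe).st_mode & 0o777
        return redirected, refused, dir_mode, file_mode
```

`demo()` returns whether the unsafe write was redirected through the pre-existing link, whether an exclusive create on the same path was refused, and the permission bits of the private directory and the file created inside it.
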
Patch applies cleanly and looks correct; applied, built, and added to Fedora package updates.
mono-1.1.13.7-2.fc5.1 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.