Red Hat Bugzilla – Bug 209467
CVE-2006-5072 Mono insecure temporary file usage
Last modified: 2007-11-30 17:11:45 EST
+++ This bug was initially created as a clone of Bug #209464 +++
This information came from Marcus Meissner of SUSE:
Sebastian Krahmer of SUSE audited Mono and found a tempfile
race condition in the Mono Core libraries, found in
The diffs (actually there are 2 commits) to fix it are here:
I have only looked at them briefly, but the fix looks OK.
This can be used by a local attacker, for instance with the help of
System.Xml.Serialization (SerializationCodeGenerator.cs), which
compiles .cs code into .dlls on the fly, to inject code into a
running Mono process.
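The bug class described above, as an added example that is not part of the original report and is not Mono's code or its patch: a predictable file name in the shared temp directory beside a private directory with exclusive creation. The helper names are hypothetical, and `Directory.CreateTempSubdirectory` assumes .NET 7 or later.

```csharp
using System;
using System.IO;

// Added illustration: hypothetical helper names, not Mono's code or its patch.
static class GeneratedSourceTemp
{
    // Weak: a predictable name in the shared temp directory. FileMode.Create
    // opens and truncates whatever is already at that path, so a file or
    // symlink placed there first by another local user is silently reused.
    public static string WriteWeak(string baseName, string source)
    {
        string path = Path.Combine(Path.GetTempPath(), baseName + ".cs");
        using (var fs = new FileStream(path, FileMode.Create, FileAccess.Write))
        using (var w = new StreamWriter(fs))
            w.Write(source);
        return path;
    }

    // Hardened: work inside a fresh per-process directory, then create the
    // file exclusively so a pre-existing entry is an error, not an input.
    public static string WriteHardened(DirectoryInfo privateDir, string source)
    {
        string path = Path.Combine(privateDir.FullName, Path.GetRandomFileName() + ".cs");
        // CreateNew throws IOException if anything already exists at path.
        using (var fs = new FileStream(path, FileMode.CreateNew, FileAccess.Write, FileShare.None))
        using (var w = new StreamWriter(fs))
            w.Write(source);
        return path;
    }

    static void Main()
    {
        // .NET 7+: uniquely named directory, created via mkdtemp (0700) on Unix.
        DirectoryInfo dir = Directory.CreateTempSubdirectory("codegen-");
        try
        {
            string src = WriteHardened(dir, "class Generated {}"); // constructed sample
            Console.WriteLine("wrote " + src);

            // Exclusive creation refuses a path that is already occupied.
            try { using (new FileStream(src, FileMode.CreateNew)) { } }
            catch (IOException) { Console.WriteLine("existing path rejected"); }
        }
        finally { dir.Delete(recursive: true); }
    }
}
```

Any compiler output written next to the generated source inherits the same protection only if it also stays inside the private directory.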
patch applied, and built, will ask release-engineering to move into FC-6
releng reports that this is moved to FC-6