Red Hat Bugzilla – Bug 236585
CVE-2007-2030 /tmp race in lha
Last modified: 2011-08-02 14:19:53 EDT
Description of problem:
lha doesn't open temporary files exclusively, which makes it possible for an
attacker to conduct a time-dependent attack by creating the file in advance.
Version-Release number of selected component (if applicable):
The patch also incorporates some trailing-NUL things from SUSE's
security review patch. I do not know why they, unlike some other
fixes from that patch, weren't integrated in our packages. It might be possible
that they are not needed. The patch is basically a polished diff between
SUSE and FC-5 lha.
Created attachment 152702
Patch for lha /tmp race & others, applies to FC5
Reporter changed to email@example.com by request of Jay Turner.
Red Hat no longer plans to fix this issue in Red Hat Enterprise Linux 4.
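
The non-exclusive open described in this bug, shown beside an exclusive create, as an added example that is not part of the report, the attached patch, or lha's source. The function names, the scratch directory and the file names are constructed for illustration; the pre-existing file is created by the program itself inside a private directory.

```c
/* Added illustration: names and paths are constructed, not taken from lha. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Racy pattern: a file already sitting at `path` is opened and truncated. */
int open_temp_racy(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Exclusive create: fails with EEXIST if anything already exists at `path`. */
int open_temp_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Returns 0 when every open behaves as described, a nonzero bitmask if not. */
int check_precreated_file(void) {
    char dir[] = "/tmp/lha-demo-XXXXXX";   /* constructed scratch directory */
    char path[64], tmpl[64];
    int rc = 0, fd;

    if (mkdtemp(dir) == NULL) return -1;
    snprintf(path, sizeof path, "%s/fixed-name.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/lhXXXXXX", dir);

    /* Simulate a file that was created before the program opened it. */
    fd = open(path, O_WRONLY | O_CREAT, 0644);
    if (fd < 0) { rmdir(dir); return -1; }
    close(fd);

    fd = open_temp_racy(path);             /* silently reuses that file */
    if (fd < 0) rc |= 1; else close(fd);
    errno = 0;
    fd = open_temp_exclusive(path);        /* must refuse with EEXIST */
    if (fd >= 0) { rc |= 2; close(fd); }
    else if (errno != EEXIST) rc |= 4;
    fd = mkstemp(tmpl);                    /* unique name, exclusive create */
    if (fd < 0) rc |= 8; else { close(fd); unlink(tmpl); }

    unlink(path);
    rmdir(dir);
    return rc;
}

int main(void) { return check_precreated_file(); }
```

A return value of 0 means the non-exclusive open accepted the pre-existing file, the `O_EXCL` open refused it with `EEXIST`, and `mkstemp` produced a fresh file.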