I've updated the web page with a few more bugs I've recently reported:
* Bug #292420: Insecure temporary file usage in Razor's logfiles.
* Bug #292081: Proper manpage for kdelib's lnusertemp.
* Bug #292078: KDE's startkde does not check lnusertemp's result.
* Bug #292073: Temporary file vulnerabilities in Lilo's mkrescue
script has
* Bug #291957: Bug in lm-sensor's pwmconfig script when handling
temporary files.
* Bug #291962: Multiple unsafe /tmp usage in PostgreSQL's build
scripts and tools.
* Bug #291478: Insecure temporary filename usage in Openwebmail's
* Bug #291452: Insecure usage of temporary directories in gs-esp
source code.
* Bug #291389: Lack of tempfile/mktemp/mkstemp implementation in the
Tcl/Tk language.
* Bug #291376: unsafe recommendation and implementation of debugging
in cdrtools' rscsi.
* Bug #291373: insecure usage of temporary directories in gs-gpl
auxiliary scripts.
* Bug #290974: temporary usage bugs in Apache's check_forensic
script.
There are _lots_ of those :-(
I will upload the DSAs soon...
Regards
Javier
signature.asc
Description: Digital signature
| 
