insecure temporary file creation in kdelibs 3.3.2 Feb 11 2005 08:16AM
Davide Madrisan (davide madrisan qilinux it)
The `dcopidlng' script in the KDE library package
creates temporary files in a unsecure manner.

This bug has been fixed in 32 minutes (!) by Stephan Kulow, the KDE team
leader. Here you can found the official patch:

Note: This bug has been find by `autospec', the work-in-progress tool used by
the QiLinux team to (semi)automatically create specfiles from tarballs and
update/check rpm packages. It's released under GPL and not QiLinux specific.
The latest release can be found at the URL:

#include <best/regards.h>
Davide Madrisan
QiLinux Security Team Leader
PGP keyID: 4B72B0B9 fp: 2B79 BFF1 EE33 EE8C 3258 E43C CDA8 EFF3 4B72 B0B9
PGP public key: <http://pgp.mit.edu/>

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus