Ubuntu
mktemp package

  1. Bug #258172
  2. Activity log

Activity log for bug #258172

Date Who What changed Old value New value Message
2008-08-15 14:35:50 Till Ulen bug added bug
2008-08-15 14:36:25 Till Ulen bug assigned to mktemp (Debian)
2008-08-15 14:57:46 Kees Cook mktemp: status New Confirmed
2008-08-15 14:57:46 Kees Cook mktemp: importance Undecided Low
2008-08-15 22:43:34 Bug Watch Updater mktemp: status Unknown Fix Released
2009-01-24 05:01:42 Jamie Strandboge mktemp: status Confirmed Fix Released
2009-01-24 05:01:42 Jamie Strandboge mktemp: statusexplanation This is at most a DoS, as mktemp safely creates the random file for us. In the case that an attacker has filled the drive with all possible combinations, mktemp will just fail to create the file, and scripts using mktemp should equally fail. If there are scripts that don't gracefully handle mktemp failing, bugs should be opened for those packages separately. This is in Jaunty now: mktemp (1.5-9) unstable; urgency=high * Upstream patch to remove pid from name generation. closes: #495193.