Ubuntu
postgresql package

  1. Bug #9464
  2. Comment #4

Comment 4 for bug 9464

Revision history for this message
In , Martin Pitt (pitti) wrote : Re: Bug#278262: file in tmp hole in make_oidjoins_check

Hi!

Joey Hess [2004-10-25 16:03 -0400]:
> Package: postgresql
> Version: 7.3.4-9
> Severity: normal
> Tags: security
>
> The make_oidjoins_check script, which is only shipped in the source
> package, creates /tmp files insecurely according to CAN-2004-0977 (and
> I've verified this).
>
> It should be fixed, just in case someone happens to find it in the
> source package.

It's shipped in -contrib, I merged this bug with #278336.

For the records, a stable update is ready and to be approved by the
security team; I will do an unstable upload soon.

Thanks and have a nice day!

Martin

--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org