Feedback from vendor-sec is that the patch is probably not good enough, specifically:
"At the very least, you need to add " --" after "rm -f" to prevent option-passing to "rm" via filenames starting with dashes."
It was then suggested that /var/crash could be cleaned out with a program specifically designed to clean out temporary directories (http://shlang.com/stmpclean/ plus http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/stmpclean/).
Feedback from vendor-sec is that the patch is probably not good enough, specifically:
"At the very least, you need to add " --" after "rm -f" to prevent
option-passing to "rm" via filenames starting with dashes."
It was then suggested that /var/crash could be cleaned out with a program specifically designed to clean out temporary directories (http:// shlang. com/stmpclean/ plus http:// cvsweb. openwall. com/cgi/ cvsweb. cgi/Owl/ packages/ stmpclean/).