| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANy4znXq7gQzosLejuHeh8o-2VP613TDgnouDLzW5Fm5b-bjdw@mail.gmail.com> Date: Wed, 11 Sep 2019 10:55:45 +0300 From: Shlomi Fish <shlomif@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Insecure tmpdir() use in dbtoepub.rb in docbook / xslt10-stylesheets See: https://github.com/docbook/xslt10-stylesheets/pull/144 « See https://ruby-doc.org/stdlib-2.0.0/libdoc/tmpdir/rdoc/Dir.html - tmpdir returns the same value everytime and as a result the tmpdirs can be identical or existing. SECURITY! Thanks to phaul from #ruby . » There is a patch that seems to work well in the mageia linux package, but no PoC exploit. -- Shlomi Fish http://www.shlomifish.org/ Buddha has the Chuck Norris nature. Please reply to list if it's a mailing list post - http://shlom.in/reply . _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists