[Bug 751886] CVE-2011-4115 perl-Parallel-ForkManager: insecure temporary file usage
bugzilla at redhat.com
bugzilla at redhat.com
Thu Nov 10 18:11:52 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=751886
--- Comment #4 from Jason Tibbitts <tibbs at math.uh.edu> 2011-11-10 13:11:51 EST ---
I like the idea of making tempdir mandatory. It conveniently both shows us if
any consuming code would have the security issue and pushes responsibility for
that bit of security elsewhere. Let me whip something up.
I believe the maintainers of the packages which depend on Parallel::ForkManager
are CC'd on this ticket already; could either of you check to see if your
packages would have issues with this or if they even use the problematic
feature?
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the perl-devel
mailing list