Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request: python-pip insecure temporary directory handling
From: David Black <disclosure () d1b org>
Date: Thu, 21 Mar 2013 01:13:15 +1100

Prior to version 1.3 pip used '/tmp/pip-build' as a temporary
directory and as per the report in
https://github.com/pypa/pip/issues/725 would follow a symbolic link
placed at '/tmp/pip-build' when writing temporary files.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]