oss-sec mailing list archives
Re: caml-light insecure temporary files
From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 06 Nov 2011 20:20:13 -0700
On 11/06/2011 01:09 PM, David Holland wrote:
> I apologize for sending this out on a weekend... but I found out it accidentally got broadcast to one of our mailing lists so there's nothing much to be gained from waiting. And besides, it's neither particularly critical nor of particularly broad interest.
>
> Anyway. I don't know if anyone besides us still ships caml-light; it is long dead upstream and obsoleted by ocaml. AFAICT neither Debian nor Red Hat does. But just in case: it uses mktemp() insecurely, and also does unsafe things in /tmp during make install.
>
> Patches follow; reference URL (including copies of the patches) is http://gnats.netbsd.org/45558.
>
> I'm not sure it's worth allocating a CVE number for this if it turns out nobody else ships it.
Please use CVE-2011-4119 for this issue.

-- 
-Kurt Seifried / Red Hat Security Response Team
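The two problems David names, mktemp() misuse and fixed-name scratch files in /tmp during make install, are both instances of the classic temp-file race, so here is an added example illustrating that class. It is not caml-light's code and not one of the NetBSD patches: the scratch directory, the "victim" file and the file names are constructed for the demo, and the symlink() call stands in for an attacker who wins the race between name generation and open.

```c
/* Added example, not caml-light's code: the temp-file race that mktemp()
   invites, beside the mkstemp()/O_EXCL forms that close it. Directory,
   victim file and names are constructed for the demo. */
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct scene { char dir[256], victim[320], path[320]; };

/* Build a private scratch dir holding a file the attacker wants clobbered. */
static int setup(struct scene *s) {
    const char *tmp = getenv("TMPDIR") ? getenv("TMPDIR") : "/tmp";
    snprintf(s->dir, sizeof s->dir, "%s/mktempdemo.XXXXXX", tmp);
    if (mkdtemp(s->dir) == NULL) return -1;
    snprintf(s->victim, sizeof s->victim, "%s/victim", s->dir);
    int fd = open(s->victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    if (write(fd, "original\n", 9) != 9) { close(fd); return -1; }
    close(fd);
    snprintf(s->path, sizeof s->path, "%s/camlXXXXXX", s->dir);
    return 0;
}

static void teardown(struct scene *s) {
    unlink(s->path); unlink(s->victim); rmdir(s->dir);
}

/* Does the regular file at `path` (never followed as a symlink) start with `prefix`? */
static int starts_with(const char *path, const char *prefix) {
    char buf[32] = {0};
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return 0;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    return n > 0 && strncmp(buf, prefix, strlen(prefix)) == 0;
}

/* The reported bug class. mktemp() only picks a name; the file is opened
   later, and O_CREAT without O_EXCL follows whatever an attacker put at
   that name in between. symlink() here is the attacker winning the race.
   Returns 1 if the victim got overwritten, 0 if not, -1 on setup error. */
int demo_mktemp_insecure(void) {
    struct scene s; int r = -1;
    if (setup(&s) < 0) return -1;
    if (mktemp(s.path) != NULL && s.path[0] != '\0'
        && symlink(s.victim, s.path) == 0) {            /* the race window */
        int fd = open(s.path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
        if (fd >= 0) {
            r = write(fd, "clobbered\n", 10) == 10 && starts_with(s.victim, "clobbered");
            close(fd);
        }
    }
    teardown(&s);
    return r;
}

/* The fix for generated names: mkstemp() creates and opens in one call with
   O_CREAT|O_EXCL and mode 0600, so no name is ever handed out unopened.
   Returns 1 if we got a fresh owner-only regular file and the victim is untouched. */
int demo_mkstemp_secure(void) {
    struct scene s; struct stat st; int r = -1;
    if (setup(&s) < 0) return -1;
    int fd = mkstemp(s.path);
    if (fd >= 0 && fstat(fd, &st) == 0) {
        r = S_ISREG(st.st_mode) && (st.st_mode & 077) == 0
            && st.st_nlink == 1 && starts_with(s.victim, "original");
        close(fd);
    }
    teardown(&s);
    return r;
}

/* A fixed, predictable name (the make-install style of problem) cannot use
   mkstemp(); the open itself must refuse a pre-planted path. O_EXCL makes
   open() fail with EEXIST on any existing entry, symlink included, instead
   of following it. Returns 1 if the planted link was refused. */
int demo_fixed_name_excl(void) {
    struct scene s; int r = -1;
    if (setup(&s) < 0) return -1;
    snprintf(s.path, sizeof s.path, "%s/caml-install.tmp", s.dir);
    if (symlink(s.victim, s.path) == 0) {               /* planted in advance */
        int fd = open(s.path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
        if (fd >= 0) { close(fd); r = 0; }
        else r = (errno == EEXIST) && starts_with(s.victim, "original");
    }
    teardown(&s);
    return r;
}
```

The third function is the one that matters for shell-driven installs: a Makefile that writes to a fixed /tmp name has no mkstemp() to call, so the only safe options are to refuse existing paths (O_EXCL, or `set -C`/noclobber plus a check that the target is not a symlink) or, better, to do the work under a directory created with mkdtemp(1) instead of directly in /tmp.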
Current thread:
- caml-light insecure temporary files David Holland (Nov 06)
- Re: caml-light insecure temporary files Florian Weimer (Nov 06)
- Re: caml-light insecure temporary files Eitan Adler (Nov 06)
- Re: caml-light insecure temporary files David Holland (Nov 08)
- Re: caml-light insecure temporary files Kurt Seifried (Nov 06)
- Re: caml-light insecure temporary files Florian Weimer (Nov 06)
