You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/11/30 19:42:15 UTC
[Bug 5216] New: sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216
Summary: sa-update Insecure dependency in unlink while running
with -T switch at /usr/bin/sa-update line 1173.
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: sa-update
AssignedTo: dev@spamassassin.apache.org
ReportedBy: spamassassin@dostech.ca
[14411] dbg: generic: unlinking 10_misc.cf
Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update
line 1173.
More random taint flagging ala bug 5061.
Waiting for confirmation from Henk van Lingen about the usual "local ($1);" fix.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5216] sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From spamassassin@dostech.ca 2006-12-01 09:12 -------
Confirmed.
[dos@cyan 3.1]$ svn ci -m 'bug 5216: (trivial) avoid random taint flagging of $1
in sa-update'
Sending sa-update.raw
Transmitting file data .
Committed revision 481292.
and one other spot I noticed this can be a problem:
[dos@cyan 3.1]$ svn ci -m '(trivial) avoid one last place where $1 might be
randomly tainted (and cause a problem) in sa-update'
Sending sa-update.raw
Transmitting file data .
Committed revision 481299.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 5216] sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216
spamassassin@dostech.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.1.8
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.