You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/11/30 19:42:15 UTC

[Bug 5216] New: sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216

           Summary: sa-update Insecure dependency in unlink while running
                    with -T switch at /usr/bin/sa-update line 1173.
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sa-update
        AssignedTo: dev@spamassassin.apache.org
        ReportedBy: spamassassin@dostech.ca


[14411] dbg: generic: unlinking 10_misc.cf
Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update
line 1173.

More random taint flagging ala bug 5061.

Waiting for confirmation from Henk van Lingen about the usual "local ($1);" fix.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 5216] sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216


spamassassin@dostech.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED




------- Additional Comments From spamassassin@dostech.ca  2006-12-01 09:12 -------
Confirmed.

[dos@cyan 3.1]$ svn ci -m 'bug 5216: (trivial) avoid random taint flagging of $1
in sa-update'
Sending        sa-update.raw
Transmitting file data .
Committed revision 481292.


and one other spot I noticed this can be a problem:

[dos@cyan 3.1]$ svn ci -m '(trivial) avoid one last place where $1 might be
randomly tainted (and cause a problem) in sa-update'
Sending        sa-update.raw
Transmitting file data .
Committed revision 481299.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 5216] sa-update Insecure dependency in unlink while running with -T switch at /usr/bin/sa-update line 1173.

Posted by bu...@bugzilla.spamassassin.org.

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5216


spamassassin@dostech.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|Undefined                   |3.1.8






------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.