Re: [Mutt] #3158: CVE id CAN-2005-2351: less random temp file creation allows DOS
#3158: CVE id CAN-2005-2351: less random temp file creation allows DOS
------------------------------+---------------------------------------------
Reporter: antonio@â | Owner: mutt-dev
Type: defect | Status: new
Priority: minor | Milestone:
Component: mutt | Version: 1.5.20
Keywords: patch |
------------------------------+---------------------------------------------
Changes (by antonio@â):
* keywords: => patch
* version: 1.5.19 => 1.5.20
Comment:
a very simple patch is attached, it allows a more random creation of
filenames in $tmpdir, without asking the user to change their setting,
this patch is included in the Debian release of mutt.
Given the simplicity of the patch and the fact that it fixes CVE
CAN-2005-2351 please consider including it in your code; the patch doesn't
seem to have any drawbacks.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3158#comment:2>
Mutt <http://www.mutt.org/>
The Mutt mail user agent