[Pki-devel] [PATCH] Patch for /tmp/file vulnerabilities
Please review the attached patch which addresses the following:
* Bugzilla Bug #1183176 - (CVE-2015-0234) CVE-2015-0234 pki-core 10.x:
multiple /tmp/ file vulnerabilities
<https://bugzilla.redhat.com/show_bug.cgi?id=1183176>
* Bugzilla Bug #1183178 - CVE-2015-0234 pki-core: pki-core 10.x:
multiple /tmp/ file vulnerabilities [fedora-all]
<https://bugzilla.redhat.com/show_bug.cgi?id=1183178>
The attached patch was tested using the Dogtag 10.2.2 source code on the 'master'
branch as of 02/27/2015.
It was successfully tested for a shared instance CA, KRA, OCSP, TKS, and TPS including
successfully running the 'tpsclient' tool.
Attachments:
- 20150227-Fix-for-tmpfile-vulnerabilities.patch (text/x-patch — 25.6 KB)
- attachment.html (text/html — 1004 bytes)