Now
MAIN commitmail json YAML
pkgsrc/audio/cmus/Makefile@1.15
/
diff
pkgsrc/audio/cmus/distinfo@1.5 / diff
pkgsrc/audio/cmus/patches/patch-ae@1.1 / diff
pkgsrc/audio/cmus/distinfo@1.5 / diff
pkgsrc/audio/cmus/patches/patch-ae@1.1 / diff
A security issue has been reported in cmus, which can be exploited by
malicious, local users to perform certain actions with escalated
privileges.
The security issue is caused due to the "cmus-status-display" script using
temporary files in an insecure manner. This can be exploited to
e.g. overwrite arbitrary files via symlink attacks.
This commit fixes this issue.
malicious, local users to perform certain actions with escalated
privileges.
The security issue is caused due to the "cmus-status-display" script using
temporary files in an insecure manner. This can be exploited to
e.g. overwrite arbitrary files via symlink attacks.
This commit fixes this issue.