TEMP-0000000-CDF09E

NameTEMP-0000000-CDF09E
DescriptionTOCTOU race when expanding JAR files
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libbluray (PTS)wheezy1:0.2.2-1fixed
jessie1:0.6.2-1fixed
stretch1:0.9.3-3fixed
buster, sid1:1.0.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libbluraysource(unstable)0.7.0-1unimportant

Notes

CVE Request: http://www.openwall.com/lists/oss-security/2015/02/06/9
https://bugzilla.redhat.com/show_bug.cgi?id=959433
libbluray is only in wheezy and later and the issue is neutered by the kernel hardening for /tmp
Affected code removed in 0.7.0-1

Search for package or bug name: Reporting problems