|Main Archive Page > Month Archives > oss-security archives|
On Wed, Jan 05, 2011 at 02:54:57PM -0700, Vincent Danen wrote:
> We got a heads up on a directory traversal flaw in patch. I don't think
> a CVE name has been assigned to it; could we get one? It allows for the
> creation of arbitrary files in unexpected places due to the use of '..'.
I believe the Debian security team assigned CVE-2010-1679 for this
-- Steve Beattie <email@example.com> http://NxNW.org/~steve/