oss-sec mailing list archives

Re: Security fixes in m4-1.4.11

From: "Steven M. Christey" <coley () linus mitre org>
Date: Sun, 6 Apr 2008 20:42:07 -0400 (EDT)


On Sun, 6 Apr 2008, Patrick J. Volkerding wrote:

Minor security fix: Quote output of mkstemp.


Use CVE-2008-1687

Security fix: avoid arbitrary code execution with 'm4 -F'.


Use CVE-2008-1688

Note - these CVE's will not be live until Monday.

- Steve

Security fixes in m4-1.4.11 Patrick J. Volkerding (Apr 06)
- Re: Security fixes in m4-1.4.11 Steven M. Christey (Apr 06)
  - Re: Security fixes in m4-1.4.11 Lubomir Kundrak (Apr 07)
    - Re: Security fixes in m4-1.4.11 Florian Weimer (Apr 07)
  - Re: Security fixes in m4-1.4.11 Josh Bressers (Apr 11)