FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

caml-light -- insecure use of temporary files

Affected packages
caml-light <= 0.75

Details

VuXML ID 9dde9dac-08f4-11e1-af36-003067b2972c
Discovery 2011-11-02
Entry 2011-11-06

caml-light uses mktemp() insecurely, and also does unsafe things in /tmp during make install.

References

CVE Name CVE-2011-4119
Message 20111106200911.GC13652@netbsd.org