Package: pyro / 1:3.14-5


Package Version Patches format
pyro 1:3.14-5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
pidfile_path.patch | (download)

Pyro/ext/ | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 cve-2011-2765: fix for arbitrary file overwriting via symlink

The upstream version stores the pidfile in /tmp/ which allows arbitrary
file overwriting via symlink. Now, the default location for pidfile is
/var/run/. The default can be overriden by passing -pidfile=/path/to/file to
daemon init script