id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
69	bzdiff tempfile patch is bad	alexander@…	clfs-commits@…	"Without ""tempfile"", bzdiff creates files in /tmp with predictable names (because PIDs are not random). This allows for a symlink-based attack. Also, the ""tempfile"" program is installed anyway. Please remove the patch."	defect	closed	major	CLFS Sysroot 1.0.0	BOOK	CLFS Sysroot 1.0.0	fixed	security