All reports of possibly-insecure-handling-of-tmp-files-in-maintainer-script for the archive. The extended description of this tag is:
The maintainer script seems to access a file in /tmp or some other temporary directory. Since creating temporary files in a world-writable directory is very dangerous, this is likely to be a security bug. Use the tempfile or mktemp utilities to create temporary files in these directories.
Refer to Debian Policy Manual section 10.4 (Scripts) for details.
Severity: normal, Certainty: possible
Check: scripts, Type: binary
Emitted (non-overridden): 4, overridden: 4, total: 8
The package names link to the relevant maintainer page and the corresponding report for the source package. The links go to the full maintainer report page, which includes info and experimental tags and overridden tags, rather than the default page that shows only errors and warnings.
bandwidthd 2.0.1+cvs20090917-11 (binary) (Debian QA Group <email@example.com>)
- postinst:57 [amd64, i386]
bandwidthd-pgsql 2.0.1+cvs20090917-11 (binary) (Debian QA Group <firstname.lastname@example.org>)
- postinst:82 [amd64, i386]
ecryptfs-utils 111-4 (binary) (Laszlo Boszormenyi (GCS) <email@example.com>)
- postinst:13 [amd64, i386]
nova-common 2:20.0.0-2 (binary) (Debian OpenStack <firstname.lastname@example.org>)
ntopng 3.8+dfsg1-2.1+b1 (binary) (Ludovico Cavedon <email@example.com>) overridden
- O postinst:9 [amd64, i386]
nvi 1.81.6-15 (binary) (Debian QA Group <firstname.lastname@example.org>) overridden
- O postinst:16 [amd64, i386]
- O postrm:5 [amd64, i386]
screen 4.7.0-1 (binary) (Axel Beckert <email@example.com>) overridden
- O preinst:8 [amd64, i386]