Package: catfish Version: 1.0.0-2 Tags: security/usr/bin/catfish tries to execute bin/catfish.pyc and bin/catfish.py from the current working directory. If you call catfish from a world-writable directory (e.g. /tmp), malicious local user could exploit this flaw to execute arbitrary code.
-- Jakub Wilk -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
