On Mon, Sep 11, 2017 at 10:55:39AM +0200, Helmut Grohne wrote:
> Source: libreoffice
> Version: 1:5.4.0-1
> Severity: important
> Tags: security upstream
>
> Looking at a sample build log
> (https://buildd.debian.org/status/fetch.php?pkg=libreoffice&arch=m68k&ver=1%3A5.4.1-1&stamp=1504466495&raw=0)
> one can see:
>
> | ... analyzing package list ...
> | ... creating log file /tmp/LibreOffice//logging/en-US/log_540_en-US.log
> | ... creating installation set in /tmp/LibreOffice//install/LibreOffice_5.4.1.2.0_Linux ...
> | ... removing old installation directories ...
>
> What looks like a predictable /tmp path turns out to be one:
>
> https://lists.freedesktop.org/archives/libreoffice/2017-August/078249.html
>
> Another local user may use this vulnerability to gain privileges of a
> user who is building libreoffice from source. I did not request a CVE
> for this issue.

JFTR, we don't treat these as security issues from jessie onwards since
kernel hardening renders these non-exploitable:
https://www.debian.org/releases/jessie/amd64/release-notes/ch-whats-new.en.html#security

Cheers,
Moritz
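
Added example, not part of this thread and not LibreOffice's build code: a Python version of the two defences relevant to a fixed work directory such as the /tmp/LibreOffice seen in the build log, namely checking the kernel's link-protection settings and creating the directory privately. The function names are hypothetical, and reading `fs.protected_symlinks` and `fs.protected_hardlinks` is an assumption about which kernel hardening the reply refers to.

```python
import os
import stat
import tempfile

# Linux link-protection sysctls (assumed to be the hardening the reply means).
LINK_SYSCTLS = ("protected_symlinks", "protected_hardlinks")


def kernel_link_protection(proc_fs="/proc/sys/fs"):
    """Return {sysctl: int or None}; None means the kernel does not expose it."""
    state = {}
    for name in LINK_SYSCTLS:
        try:
            with open(os.path.join(proc_fs, name)) as fh:
                state[name] = int(fh.read().strip())
        except (OSError, ValueError):
            state[name] = None
    return state


def claim_fixed_workdir(path):
    """Use a fixed-name directory only if it is provably ours and private."""
    try:
        os.mkdir(path, 0o700)  # fails if anything, even a dangling symlink, is there
    except FileExistsError:
        pass
    st = os.lstat(path)  # lstat: inspect the entry itself, never a link target
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path}: not a real directory (symlink or file)")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{path}: owned by uid {st.st_uid}, not by us")
    if st.st_mode & 0o022:
        raise PermissionError(f"{path}: writable by group or others")
    return path


def private_workdir(prefix="build-"):
    """Preferred fix: unpredictable name, created atomically with mode 0700."""
    return tempfile.mkdtemp(prefix=prefix)


if __name__ == "__main__":
    print("kernel link protection:", kernel_link_protection())
    work = private_workdir()
    print("private work directory:", work)
    os.rmdir(work)
```

The ownership and mode checks in `claim_fixed_workdir` rely on the parent being a sticky directory like /tmp, where other users cannot rename or remove an entry they do not own.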