Package: crossfire-maps Severity: important Version: 1.9.1-1 Tags: security
Hi, The following CVE (Common Vulnerabilities & Exposures) id was published for crossfire-maps. CVE-2008-4908[1]: > maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users > to overwrite arbitrary files via a symlink attack on a temporary file. Although the original advisory only refers to version 1.11.0, the issue also affects the file in version 1.9.1-1 (shipped in etch). If you fix the vulnerability please also make sure to include the CVE id in the changelog entry. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 http://security-tracker.debian.net/tracker/CVE-2008-4908 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.