Package: tau Version: 2.16.4-1.1 Severity: important Tags: security Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for tau. CVE-2008-5157[1]: > tau 2.16.4 allows local users to overwrite arbitrary files via a symlink > attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### > temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc > scripts. If you fix the vulnerability please also make sure to include the CVE id in the changelog entry. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5157 http://security-tracker.debian.net/tracker/CVE-2008-5157 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
