Package: arb Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for arb.
CVE-2008-5378[0]: | arb-kill in arb 0.0.20071207.1 allows local users to overwrite | arbitrary files via a symlink attack on a /tmp/arb_pids_*_* temporary | file. Checking the source for "tmp" with grep reveals some other occurences, which should at least be checked. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5378 http://security-tracker.debian.net/tracker/CVE-2008-5378 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
