Package: ppp Version: 2.4.4rel-10.1 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for ppp.
CVE-2008-5366[0]: | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local | users to overwrite arbitrary files via a symlink attack on the (1) | /tmp/probe-finished or (2) /tmp/ppp-errors temporary file. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5366 http://security-tracker.debian.net/tracker/CVE-2008-5366 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
