Package: gpsdrive
Version: 2.09-2.1
Severity: important
Tags: security


The following CVE (Common Vulnerabilities & Exposures) id was published for 

> gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite
> arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b)
> /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary
> file, related to the (1) geo-code and (2) geo-nearest scripts, different
> vectors than CVE-2008-4959.

If you fix the vulnerability please also make sure to include the CVE id in 
the changelog entry.


Raphael Geissert - Debian Maintainer -

Attachment: signature.asc
Description: This is a digitally signed message part.

Pkg-grass-devel mailing list

Reply via email to