This bug was fixed in the package cecilia - 2.0.5-2ubuntu4.1
---------------
cecilia (2.0.5-2ubuntu4.1) gutsy-security; urgency=high
* SECURITY UPDATE: lib/prefs.tcl in Cecilia 2.0.5 allows local users to
overwrite arbitrary files via a symlink attack on the csvers temporary
file.
* References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1832
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321
- LP: #241457
* Adds debian/patches/13CVE-2008-1832.dpatch. Thanks to Debian, and
specifically Steffen Joeris for the fix.
-- James Westby <[email protected]> Fri, 20 Jun 2008
19:02:29 +0100
** Changed in: cecilia (Ubuntu Gutsy)
Status: In Progress => Fix Released
** Changed in: cecilia (Ubuntu Hardy)
Status: In Progress => Fix Released
--
CVE-2008-1832: Insecure tempfile handling
https://bugs.launchpad.net/bugs/241457
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
