[Bug 241457] Re: CVE-2008-1832: Insecure tempfile handling

Launchpad Bug Tracker Tue, 13 Jan 2009 09:00:28 -0800

This bug was fixed in the package cecilia - 2.0.5-2ubuntu5.1

---------------
cecilia (2.0.5-2ubuntu5.1) hardy-security; urgency=low


  * SECURITY UPDATE: lib/prefs.tcl in Cecilia 2.0.5 allows local users to
    overwrite arbitrary files via a symlink attack on the csvers temporary
    file.
  * References:
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1832
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321
    - LP: #241457
  * Adds debian/patches/13CVE-2008-1832.dpatch. Thanks to Debian, and
    specifically Steffen Joeris for the fix.

 -- James Westby <[email protected]>   Fri, 20 Jun 2008
18:12:23 +0100

-- 
CVE-2008-1832: Insecure tempfile handling
https://bugs.launchpad.net/bugs/241457
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 241457] Re: CVE-2008-1832: Insecure tempfile handling

Reply via email to