** Summary changed:
- insecure file access (breezy, dapper)
+ insecure file access (breezy, dapper, edgy)
** Description changed:
Reproduced in versions:
2.37a-1ubuntu1.1 (breezy?)
2.41-1ubuntu4 (dapper)
+ 2.42a-1ubuntu1.1 (edgy)
Blender writes to files in /tmp/ in an insecure fashion. For example,
launching blender and then selecting "Render > Render Animation", writes
to the file /tmp/0001.jpg.
This can be exploited by a malicious user to overwrite arbitrary files
of another user using blender:
[EMAIL PROTECTED] ln -s /home/bob/thesis.tex /tmp/0001.jpg
--
insecure file access (breezy, dapper, edgy)
https://bugs.launchpad.net/bugs/6671
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
