This bug was fixed in the package cecilia - 2.0.5-2ubuntu5.1
--------------- cecilia (2.0.5-2ubuntu5.1) hardy-security; urgency=low
* SECURITY UPDATE: lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file. * References: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1832 - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321 - LP: #241457 * Adds debian/patches/13CVE-2008-1832.dpatch. Thanks to Debian, and specifically Steffen Joeris for the fix.
-- James Westby <email address hidden> Fri, 20 Jun 2008 18:12:23 +0100
This bug was fixed in the package cecilia - 2.0.5-2ubuntu5.1
---------------
cecilia (2.0.5-2ubuntu5.1) hardy-security; urgency=low
* SECURITY UPDATE: lib/prefs.tcl in Cecilia 2.0.5 allows local users to cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2008- 1832 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 476321 patches/ 13CVE-2008- 1832.dpatch. Thanks to Debian, and
overwrite arbitrary files via a symlink attack on the csvers temporary
file.
* References:
- http://
- http://
- LP: #241457
* Adds debian/
specifically Steffen Joeris for the fix.
-- James Westby <email address hidden> Fri, 20 Jun 2008 18:12:23 +0100