Debian
cecilia package

  1. Bug #241457
  2. Comment #6

Comment 6 for bug 241457

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cecilia - 2.0.5-2ubuntu5.1

---------------
cecilia (2.0.5-2ubuntu5.1) hardy-security; urgency=low

  * SECURITY UPDATE: lib/prefs.tcl in Cecilia 2.0.5 allows local users to
    overwrite arbitrary files via a symlink attack on the csvers temporary
    file.
  * References:
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1832
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476321
    - LP: #241457
  * Adds debian/patches/13CVE-2008-1832.dpatch. Thanks to Debian, and
    specifically Steffen Joeris for the fix.

 -- James Westby <email address hidden> Fri, 20 Jun 2008 18:12:23 +0100