Comment 4 for bug 9816

Proposed details section of USN:

Recently, Trustix Secure Linux discovered a vulnerability in a supplemental
script of the lvm10 package. The program "lvmcreate_initrd" created a temporary
directory in an insecure way, which allowed a symlink attack to create or
overwrite arbitrary files with the privileges of the user invoking the program.