Thanks for your report!
Ubuntu has symlink restrictions enabled via Yama which should mitigate this problem on Ubuntu 11.04 and later (but we should still fix it). I see Quantal already has 0.7.4-4ubuntu2. Did Debian assign a CVE for it?
Thanks for your report!
Ubuntu has symlink restrictions enabled via Yama which should mitigate this problem on Ubuntu 11.04 and later (but we should still fix it). I see Quantal already has 0.7.4-4ubuntu2. Did Debian assign a CVE for it?