TDeb: Security problem with temp file handling
January 12, 2000
There is an error in the way the cfengine package handles temporary files whenit runs the tidy action on homedirectories
Summary
Severity
- Date Reported:
- 15 Feb 1999
- Affected Packages:
- cfengine
- Vulnerable:
- Yes
- For more information:
- The maintainer of Debian GNU/Linux cfengine package found a error in the way cfengine handles temporary files when it runs the tidy action on homedirectories, which makes it susceptible to a symlink attack. The author has been notified of the problem but has not released a fix yet.
- Fixed in:
- source: _1.4.9.orig.tar.gz
.4.9-3.diff.gz
-3.dsc - i386:
- m68k:
