Package: tkman Version: 2.2-1 Severity: important Tags: security Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for tkman. CVE-2008-5137[1]: > tkman in tkman 2.2 allows local users to overwrite arbitrary files via a > symlink attack on a (1) /tmp/tkman##### or (2) /tmp/ll temporary file. If you fix the vulnerability please also make sure to include the CVE id in the changelog entry. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 http://security-tracker.debian.net/tracker/CVE-2008-5137 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
