Package: crip Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for crip.
CVE-2008-5376[0]: | editcomment in crip 3.7 allows local users to overwrite arbitrary | files via a symlink attack on a /tmp/*.tag.tmp temporary file. This bug could still be fixed for lenny :) For etch, it could be fixed via s-p-u. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5376 http://security-tracker.debian.net/tracker/CVE-2008-5376 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
