Package: pvpgn Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for pvpgn.
CVE-2008-5370[0]: | pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite | arbitrary files via a symlink attack on the | /tmp/pvpgn-support-1.0.tar.gz temporary file. The problem appears to be in line 104 in pvpgn-support-installer. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5370 http://security-tracker.debian.net/tracker/CVE-2008-5370 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
