Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-31 Thread Nicolas François
Hello,
On Fri, Aug 31, 2007 at 05:39:47PM +0200, Moritz Muehlenhoff wrote:
>
> Which enduser tools use the affected code and which operations trigger the
> vulnerability?
>
> Given that there's apparently no regularly scheduled execution (e.g. in
> comparison to a server cron job), that the .pm

Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-31 Thread Moritz Muehlenhoff
Nicolas François wrote:
> > Hi,
> >
> > A security issue has been reported against your package po4a:
> >
> > > lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite
> > > arbitrary files via a symlink attack on the gettextization.failed.po
> > > temporary file.
> >
> > http:

Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-23 Thread Nicolas François
found 439226 0.20-2
found 439226 0.29-1
notfound 439226 0.31-1
thanks
Hi,
On Thu, Aug 23, 2007 at 02:27:03PM +0200, [EMAIL PROTECTED] wrote:
> Hi,
>
> A security issue has been reported against your package po4a:
>
> > lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite
>

Processed: Re: Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-23 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]:
> found 439226 0.20-2
Bug#439226: CVE-2007-4462: arbitrary files overwriting
Bug marked as found in version 0.20-2.
> found 439226 0.29-1
Bug#439226: CVE-2007-4462: arbitrary files overwriting
Bug marked as found in version 0.29-1.
> notfou

Bug#439226: CVE-2007-4462: arbitrary files overwriting

2007-08-23 Thread Thijs Kinkhorst
Package: po4a
Severity: serious
Tags: security
Hi,
A security issue has been reported against your package po4a:
> lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite
> arbitrary files via a symlink attack on the gettextization.failed.po
> temporary file.
http://cve.mitre.