Package: xcdroast
Severity: important
Tags: woody security

Good day,

>From CAN-2003-1155 :

| X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite
| arbitrary files via a symlink attack on an unknown file.

This is fixed in debian package 0.98+0alpha15-1 (so sarge and sid are
not affected).

Regards

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc3
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages xcdroast depends on:
pn  cdda2wav                                 Not found.
ii  cdrecord                 4:2.01+01a01-4  command line CD writing tool
ii  debconf                  1.4.49          Debian configuration management sy
ii  libc6                    2.3.2.ds1-22    GNU C Library: Shared libraries an
ii  libgdk-pixbuf2           0.22.0-8        The GdkPixBuf image library, gtk+ 
ii  libglib1.2               1.2.10-10       The GLib library of C routines
ii  libgtk1.2                1.2.10-17       The GIMP Toolkit set of widgets fo
ii  libx11-6                 4.3.0.dfsg.1-13 X Window System protocol client li
ii  libxext6                 4.3.0.dfsg.1-13 X Window System miscellaneous exte
ii  libxi6                   4.3.0.dfsg.1-13 X Window System Input extension li
ii  makedev                  2.3.1-78        creates device files in /dev
ii  mkisofs                  4:2.01+01a01-4  Creates ISO-9660 CD-ROM filesystem
ii  xlibs                    4.3.0.dfsg.1-13 X Keyboard Extension (XKB) configu


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to