Package: gpsdrive Version: 2.09-2.1 Severity: important Tags: security Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for gpsdrive. CVE-2008-5380[1]: > gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite > arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) > /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary > file, related to the (1) geo-code and (2) geo-nearest scripts, different > vectors than CVE-2008-4959. If you fix the vulnerability please also make sure to include the CVE id in the changelog entry. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5380 http://security-tracker.debian.net/tracker/CVE-2008-5380 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
