On Thu, 2004-10-28 at 19:32 +0200, Wolfgang Pfeiffer wrote: > On Thu, 2004-10-28 at 15:58 +0200, Martin Schulze wrote: [...] > > A temporary file problem has been discovered in xlsview from the > > catdoc suite, convertors from Word to TeX and plain text, which could > > lead to local users being able to overwrite arbitrary files via a > > symlink attack on predictable temporary file names. > >[...] > > We recommend that you upgrade your catdoc package. [...] > I tried to find the package you were reporting about, and I could not > find it anywhere in the Debian repositories: > > <http://packages.debian.org/cgi-bin/search_packages.pl?version=all&subword=1&exact=&arch=any&releases=all&case=insensitive&keywords=catdog&searchon=all>
Not all together surprising if that's the search you tried. > Actually there is neither an xlsview nor a catdog reference in the > Debian repositories, or that's at least what the Debian packages search > engine makes me believe. Provided I didn't make a mistake ... You did indeed make a mistake. The advisory isn't related to a package called "catdo*g*". catdoc, otoh, exists in stable, testing and unstable. Regards, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
