Re: Proposed patch to aptitude in stable to fix a low-impact security bug

2011-04-25 Thread Adam D. Barratt
Hi,

On Wed, 2011-04-06 at 22:26 +0100, Adam D. Barratt wrote:
> On Sun, 2011-04-03 at 07:44 -0700, Daniel Burrows wrote:
> > The version of aptitude in stable contains a security bug that could
> > theoretically allow a symlink attack in /tmp. [...]
> Thanks. That does seem a rather narrow attac

Re: Proposed patch to aptitude in stable to fix a low-impact security bug

2011-04-06 Thread Adam D. Barratt
On Sun, 2011-04-03 at 07:44 -0700, Daniel Burrows wrote:
> The version of aptitude in stable contains a security bug that could
> theoretically allow a symlink attack in /tmp. However, it can only be
> exploited in a very narrow set of circumstances: the user must have no
> home directory, and th

Proposed patch to aptitude in stable to fix a low-impact security bug

2011-04-03 Thread Daniel Burrows
Hi all,

The version of aptitude in stable contains a security bug that could theoretically allow a symlink attack in /tmp. However, it can only be exploited in a very narrow set of circumstances: the user must have no home directory, and they must invoke the "hierarchy editor" (an old and mos