Stefan Fritsch wrote: > If wmFrog is ever packaged vor Debian, care should be taken that > CAN-2004-2473 is fixed: > "wmFrog weather monitor 0.1.6 allows local users to overwrite > arbitrary files via a symlink attack on temporary files." > > See http://xforce.iss.net/xforce/xfdb/18232
Actually that hole I found was the reason it was removed from Debian, iirc. :-) -- see shy jo
signature.asc
Description: Digital signature
