*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: sabre XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten. It was already fixed at Debian in version 0.2.4b-25. It just need to be synced. ** Affects: sabre (Ubuntu) Importance: Undecided Status: New ** Affects: sabre (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-4407 ** Bug watch added: Debian Bug tracker #433996 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433996 ** Also affects: sabre (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433996 Importance: Unknown Status: Unknown -- CVE-2008-4407 - Insecure temporary file https://bugs.launchpad.net/bugs/280208 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs