*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: sabre
XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create
/tmp/sabre.log, which allows local users to cause a denial of service
(application unavailability) by creating a /tmp/sabre.log file that
cannot be overwritten.
It was already fixed at Debian in version 0.2.4b-25. It just need to be
synced.
** Affects: sabre (Ubuntu)
Importance: Undecided
Status: New
** Affects: sabre (Debian)
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4407
** Bug watch added: Debian Bug tracker #433996
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433996
** Also affects: sabre (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433996
Importance: Unknown
Status: Unknown
--
CVE-2008-4407 - Insecure temporary file
https://bugs.launchpad.net/bugs/280208
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
