Ubuntu Security Notice USN-43-1
20th December, 2004
groff vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 4.10
Details
Javier Fern�ez-Sanguino Pe�iscovered that the auxiliary scripts
"eqn2graph" and "pic2graph" created temporary files in an insecure
way, which allowed exploitation of a race condition to create or
overwrite files with the privileges of the user invoking the program.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 4.10:
- groff
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None
References
http://bugs.debian.org/286371, http://bugs.debian.org/286372