Ubuntu Security Notice USN-208-1
17th October, 2005
graphviz vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.04
Details
Javier Fern�ez-Sanguino Pe�iscovered that the "dotty" tool
created and used temporary files in an insecure way. A local attacker
could exploit this with a symlink attack to create or overwrite
arbitrary files with the privileges of the user running dotty.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.04:
- graphviz
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None