Ubuntu Security Notice USN-223-1
5th December, 2005
inkscape vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.04
Details
Javier Fern�ez-Sanguino Pe�iscovered that Inkscape's ps2epsi.sh
script, which converts PostScript files to Encapsulated PostScript
format, creates a temporary file in an insecure way. A local attacker
could exploit this with a symlink attack to create or overwrite
arbitrary files with the privileges of the user running Inkscape.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.04:
- inkscape
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None