Ubuntu Security Notice USN-254-1
21st February, 2006
noweb vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
Javier Fern�ez-Sanguino Pe�iscovered that noweb scripts created
temporary files in an insecure way. This could allow a symlink attack
to create or overwrite arbitrary files with the privileges of the user
running noweb.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.10:
- nowebm
- Ubuntu 5.04:
- nowebm
- Ubuntu 4.10:
- nowebm
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None