CVE-2008-4968 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4968): The (1) rccs and (2) STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff.##### temporary file.
Confirmed for our in-tree version. http://dev.gentoo.org/~rbu/security/debiantemp/lmbench
*ping*
Larry wrote: I would close that out as a silly bug. You shouldn't be running lmbench as root. [...] If you (or anyone) wants to submit a patch I'm happy to review and apply it. lmbench is open source, that's the whole point. I'm busy with my day job, when I don't have that problem maybe I'll be more interested in silly security reports. [...]
a closer look at all /tmp usage shows there are more possibilities than listed here. In light of the almost dead upstream I'm in favour of a purge of the package. Alternate packages exist in the app-benchmarks category. Objections anyone (last rites email coming soon)?
package removed. (dev-announce was sent 2009-02-07)
We need to vote: I vote YES.
YES, filed.
GLSA 200909-10