Summary: | VMware Workstation 4.0.2, Build 5592 security update | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Carsten Lohrke (RETIRED) <carlo> |
Component: | New packages | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | aliz, wolf31o2 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.vmware.com/support/ws4/doc/releasenotes_ws4.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
@aliz: add you, because of this pn from pilla >>Carlo hat folgendes geschrieben:: >>According to http://www.vmware.com/support/ws4/doc/releasenotes_ws4.html >>vmware-workstation-4.0.1-5289 is affected, too, so the GLSA is not correct. >> >> >>Carlo > > >Damn.... maybe you should tell the original poster aliz@gentoo.org > >In the mean time, I'll post a correction there. > >Thanks, > >pilla *** Bug 24006 has been marked as a duplicate of this bug. *** I just committed this new version of vmware to portage... you can release a GLSA on it Thx, works fine here! (AMD/XP) I've sent out a correction GLSA for this. |
> By manipulating symbolic links, a non-root user could delete files in any directory. Reproducible: Always Steps to Reproduce: 1. 2. 3.