CVE-2008-5145 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5145): ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/runltp.mainmenu.##### temporary file.
grep -i "/tmp/" ./ltp-full-20081031/ltpmenu | grep -e rm -e ">" rm -f /tmp/runltp.* which $cmd &>/tmp/runltp.err.$$ ; 2>/tmp/runltp.results.$$ || RC=$? 2>/tmp/runltp.outdir.$$ ; 2>/tmp/runltp.interval.$$ ; 2>/tmp/runltp.length.$$ ; 2>/tmp/runltp.choice.$$ || RC=$? >> /tmp/runltp.test.list.$$ ; 2>/tmp/runltp.out.$$ ; 2>/tmp/runltp.out.$$ ; 2>/tmp/runltp.scenario.$$ || RC=$? 2>/tmp/runltp.mainmenu.$$ || RC=$? As it's already hardmasked, it might be ok to just add a hint in package.mask and close this?
Will have a look really soon now.
Punted old version.
Punted? What do you mean?!