From ${URL} :

I noticed pktstat creates a file with a fixed name in /tmp and writes debugging info gathered from the sniffed TCP streams into it:

redacted:/tmp# ls -al smtp.log
-rw-r--r-- 1 root root 236726 Feb 22 21:30 smtp.log
CVE-2013-0350 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0350): tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on /tmp/smtp.log.
-r1 removes all function calls setting up and writing to that debug file.

Arch teams, please test and mark stable:
=net-analyzer/pktstat-1.8.5-r1
Targeted stable KEYWORDS : amd64 x86
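The report and CVE text above describe a fixed-name log in /tmp that is opened for writing with symlinks followed. The following is an added example, not pktstat's code and not part of this bug: it contrasts that open pattern with a hardened one for cases where such a log has to be kept (the -r1 fix removes the logging instead). The function names and the demo directory are assumptions, and everything runs inside a private mkdtemp() directory on constructed data.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the CVE describes: fixed name, opened for writing, symlinks followed. */
int open_log_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened: O_CREAT|O_EXCL fails if the name already exists, symlink included;
 * O_NOFOLLOW is a second guard; 0600 keeps captured traffic private. */
int open_log_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Inside a private mkdtemp() directory, pre-create smtp.log as a symlink to a
 * constructed 10-byte "victim" file, open the log with opener(), and return the
 * victim's size afterwards (-1 on setup failure). *err gets the open's errno. */
long victim_size_after(int (*opener)(const char *), int *err) {
    char dir[] = "/tmp/symlink-demo-XXXXXX", victim[64], logp[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(logp, sizeof logp, "%s/smtp.log", dir);
    FILE *f = fopen(victim, "w");
    if (!f) return -1;
    fputs("important\n", f); fclose(f);   /* constructed sample content */
    if (symlink(victim, logp) != 0) return -1;
    errno = 0;
    int fd = opener(logp);
    *err = fd < 0 ? errno : 0;
    if (fd >= 0) close(fd);
    long size = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(logp); unlink(victim); rmdir(dir);
    return size;
}

int main(void) {
    int err;
    long n = victim_size_after(open_log_unsafe, &err);
    printf("unsafe open: victim is now %ld bytes\n", n);
    n = victim_size_after(open_log_safe, &err);
    printf("safe open:   victim is still %ld bytes, errno=%d\n", n, err);
    return 0;
}
```

A process that runs as root is better served by a log directory only root can write to; the O_EXCL open is the minimum when a shared directory cannot be avoided.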
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please vote.
GLSA vote: No
Arches, Thank you for your work.
Maintainer(s), please drop the vulnerable version.

GLSA Vote: No
Maintainer(s), Thank you for cleanup! No GLSA - Closing Bug as Resolved