Steve Grubb of Red Hat discovered that vcdiff script as shipped with Emacs (confirmed in versions 20.7 to 22.1.50) uses temporary files insecurely, which makes it possible for local attacker to conduct a symlink attack and make the victim overwrite arbitrary file.
diff -ur emacs-21.4.orig/lib-src/vcdiff emacs-21.4/lib-src/vcdiff
--- emacs-21.4.orig/lib-src/vcdiff 2006-09-28 12:07:51.000000000 -0400
+++ emacs-21.4/lib-src/vcdiff 2006-09-28 15:58:53.000000000 -0400
@@ -86,14 +86,14 @@
 case $f in
 s.* | */s.*)
 if
- rev1=/tmp/geta$$
+ rev1=`mktemp /tmp/geta.XXXXXXXX`
 get -s -p -k $sid1 "$f" > $rev1 &&
 case $sid2 in
 '')
 workfile=`expr " /$f" : '.*/s.\(.*\)'`
 ;;
 *)
- rev2=/tmp/getb$$
+ rev2=`mktemp /tmp/getb.XXXXXXXX`
 get -s -p -k $sid2 "$f" > $rev2
 workfile=$rev2
 esac
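Review bot: Neither added line checks whether `mktemp` succeeded, so a failed creation leaves `rev1` or `rev2` empty and the script carries on. The `*)` branch is the weak spot: the redirect `> $rev2` fails, but the following `workfile=$rev2` still returns 0, so the `case` (and with it the `if` condition) appears to succeed with an empty workfile. Chaining the steps closes this, e.g. ``rev2=`mktemp /tmp/getb.XXXXXXXX` && get -s -p -k $sid2 "$f" > "$rev2" && workfile=$rev2``, with a matching `&&` after the `rev1` assignment; this also makes a failed `get` fail the condition, which looks like the intent but should be confirmed. The `if` block starts and ends outside the hunk, so whether the temp files are removed on exit or interrupt cannot be seen here and is worth verifying.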