test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary
files via a symlink attack on temporary files.
I've commited honeyd-1.5c-r1 which should fix this issue. The patch was taken from debian and basically it makes test.sh use /var/log instead of /tmp for log files. Please review and CC arch teams if everything is correct.
Arches, please test and mark stable:
Target keywords : "amd64 sparc x86"
sparc stable, closing
time for glsa decision, I vote yes.
YES too, request filed.
GLSA 200812-12, thanks everyone, sorry about the "delay".