CVE-2008-5154 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5154): bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/blue.log temporary file.
Please apply the patch in $URL and revbump.
Hi, I just checked the patch that Debian proposes; this is the relevant part: --- p3nfs-5.19.orig/etc/bluetooth.rc +++ p3nfs-5.19/etc/bluetooth.rc @@ -14,7 +14,8 @@ prog="bluetooth" ROOT=/local/bluez-2.0 -exec >> /tmp/blue.log 2>&1 +TMPFILE=$(mktemp -t blueXXXXXXXXX || exit 1) +exec >> $TMPFILE 2>&1 echo "--------------------" echo "$*" The vulnerable part that is being patched is a bluetooth subsystem start/stop script that is not even installed by our ebuild. This is a resolved:INVALID to me...
(In reply to comment #2) > [...] > The vulnerable part that is being patched is a bluetooth subsystem start/stop > script that is not even installed by our ebuild. > > This is a resolved:INVALID to me... > ack, closing as invalid then.
