Package name: netpbm
Advisory ID: MDKSA-2004:011-1
Date: September 27th, 2004
Original Advisory Date: February 11th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
A number of temporary file bugs have been found in versions of NetPBM.
These could allow a local user the ability to overwrite or create
files as a different user who happens to run one of the the vulnerable
The patch applied made some calls to the mktemp utility with an
incorrect parameter which prevented mktemp from creating temporary
files in some scripts.
graphics please confirm and provide a fixed ebuild if necessary.
Mandrake Advisory here:
Version 10 is unaffected by this. Graphics please patch 9.12 or advise which version above 9.20 to mark stable.
Since 10.20 is already stable on amd64 and ppc64, can we try stablizing other arches on this version? It's been around since February 2004
Yes I think we should have all arches mark a version (>=10.0) of their choice stable, so that we can get rid of the last 9.x version. Most arches already have.
Calling missing arches : hppa mips ppc sparc x86
Please test and mark 10.20 (or any other >=10 version) stable.
stable on ppc
forgot to remove it :-)
10.20 stable on x86
I'll draft the GLSA