From redhad bugzilla at $URL: Multiple (by checking for ATM technology support, checking for Xtables extension support, checking for setns() system call support, and in dhcp-client-script example script) insecure temporary file use cases were found in iproute. A local attacker could use this flaw to conduct symbolic link attacks (modify or remove files via specially-crafted link names). Upstream patches: [1] http://git.kernel.org/?p=linux/kernel/git/shemminger/iproute2.git;a=commitdiff;h=e557d1ac3a156ba7521ba44b0b412af4542f83f8 [2] http://git.kernel.org/?p=linux/kernel/git/shemminger/iproute2.git;a=commitdiff;h=20ed7b24df05eadf83168d1d0ce0052a31380928
this has never really been an issue for Gentoo. i've specifically made sure to not run the bundled configure script since it has a lot of hardcoded stuff (compiler, flags, paths, etc...). as for the example script, i don't see this needing to be addressed in the ebuild. we install it as documentation.