Tag Other identifiers Severity Information
- File overwrite by setuid programs Setuid programs using GnuTLS 3.4.12 could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 and fixed in GnuTLS 3.4.13. Recommendation: Upgrade to GnuTLS 3.4.13, or later versions.
Already in tree, let's wait for a few days as build changes are not trivial.
(In reply to Alon Bar-Lev from comment #1)
> Already in tree, let's wait for a few days as build changes are not trivial.
Thanks, since this does not affect stable, once affected version (3.4.12) is removed from tree you can close the bug.
OK, I cleaned up all unstable packages.