Bug#348322: marked as forwarded (ee: [CVE-2006-0055] insecure temporary files)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 20 Dec 2006 19:23:12 +0200
with message-id <[🔎] 87hcvqqy67.fsf@w2kpicasso.cante.net>
has caused the Debian Bug report #348322,
regarding ee: [CVE-2006-0055] insecure temporary files
to be marked as having been forwarded to the upstream software
author(s) hmahon@uswest.net.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

• To: hmahon@uswest.net
• Cc: 348322@bugs.debian.org, 348322-forwarded@bugs.debian.org
• Subject: Linu ee: Security advisory - malicious local user to overwrite arbitrary files on the system
• From: Jari Aalto <jari.aalto@cante.net>
• Date: Wed, 20 Dec 2006 19:23:12 +0200
• Message-id: <[🔎] 87hcvqqy67.fsf@w2kpicasso.cante.net>

Hi Hugh,

Concerning this:

  FreeBSD ee ispell_op Function Symlink Arbitrary File Overwrite
  http://osvdb.org/displayvuln.php?osvdb_id=22320

Could you apply this change and release new version of ee:

   ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-06:02/ee.patch

This would help fixing the Debian bug at:

   ee: [CVE-2006-0055] insecure temporary files
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348322
   
Jari

--- End Message ---