Path to this page:
Subject: CVS commit: pkgsrc/emulators/wine
From: Lubomir Sedlacik
Date: 2005-08-12 15:57:44
Message id: 20050812135744.F043F2DA27@cvs.netbsd.org
Log Message:
Security fix for SA16352.
"A vulnerability in wine can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated privileges.
The vulnerability is caused due to a temporary file being created
insecurely in "/tmp" by winelauncher.in under certain error conditions.
This can be exploited via symlink attacks to create or overwrite
arbitrary files with the privileges of the user running the affected
application."
http://secunia.com/advisories/16352/
Patch from Wine CVS.
Files: