Nom du paquet
gnorpm
Date
2000-10-06
Advisory ID
MDKSA-2000:055
Affected versions
6.1 i586 , 7.0 i586

Problem description

Versions of GnoRPM prior to 0.95 used files in the /tmp directory in an insecure manner. If GnoRPM is run as root, a local user can exploit this behaviour to trick GnoRPM into writing to arbitrary files anywhere on the system.

Updated packages

6.1 i586

 42f258faadf07ac6d4bd8dfdbf1ecc6d  6.1/RPMS/gnorpm-0.9-5mdk.i586.rpm
9beeebc4d4394ae67d035b764cbb7c90  6.1/SRPMS/gnorpm-0.9-5mdk.src.rpm

7.0 i586

 6418822070f5579a5d0ae103bb28568b  7.0/RPMS/gnorpm-0.9-5mdk.i586.rpm
9beeebc4d4394ae67d035b764cbb7c90  7.0/SRPMS/gnorpm-0.9-5mdk.src.rpm