CVE-2012-2120

Priority
Negligible
Description
latex2man in texlive-extra-utils 2011.20120322, and possibly other versions
or packages, when used with the H or T option, allows local users to
overwrite arbitrary files via a symlink attack on a temporary file.
References
Bugs
Notes
jdstrand> Ubuntu 10.10 have symlink protections in place
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 13.10 (Saucy Salamander):ignored (reached end-of-life)
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 14.10 (Utopic Unicorn):needed
More Information

Valid XHTML 1.0 Strict

Updated: 2014-07-17 15:15:17 UTC (commit 8246)