CVE-2012-2120

Priority
Negligible
Description
latex2man in texlive-extra-utils 2011.20120322, and possibly other versions
or packages, when used with the H or T option, allows local users to
overwrite arbitrary files via a symlink attack on a temporary file.
References
Bugs
Notes
 jdstrand> Ubuntu 10.10 have symlink protections in place
Package
Upstream:released (2012.20130315-1)
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (2013.20130729.30972-2build3)
Ubuntu 15.04 (Vivid Vervet):not-affected (2014.20140926.35254-6)
Ubuntu 15.10 (Wily Werewolf):not-affected (2014.20140926.35254-6)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:17:16 UTC (commit 9756)