Candidate: CVE-2011-3616
PublicDate: 2011-11-04 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3616
Description:
 The getSkillname function in the eve module in Conky 1.8.1 and earlier
 allows local users to overwrite arbitrary files via a symlink attack on
 /tmp/.cesf.
Ubuntu-Description: 
Notes: 
 tyhicks> Likely mitigated by Yama in Maverick and newer.
Bugs: 
 https://launchpad.net/bugs/607309
 http://bugs.debian.org/612033
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_conky:
upstream_conky: needs-triage
hardy_conky: ignored (reached end-of-life)
lucid_conky: ignored (reached end-of-life)
maverick_conky: ignored (reached end-of-life)
natty_conky: ignored (reached end-of-life)
oneiric_conky: released (1.8.1-2)
precise_conky: not-affected (1.8.1-5)
quantal_conky: not-affected (1.8.1-5)
raring_conky: not-affected (1.8.1-5)
saucy_conky: not-affected (1.8.1-5)
devel_conky: not-affected (1.8.1-5)