groff security update
groff created temporary files in an insecure way. Local
attackers could potentially exploit that to overwrite files
of other users.
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4709
Fixed bugs
bnc#698290
VUL-0: groff: insecure temporary file handling in pdfroff
bnc#683857
man: new Unicode characters in use
CVE#CVE-2009-5044
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
