A vulnerability in gummi was found that uses predictable filenames in /tmp based on basename. When multiple users opens file with the same name, they could write to the same file. Attacker could also create symlinks such that the users could unintentionally overwrite some of their files. Although this case of attack depends on the configuration of /proc/sys/fs/protected_symlinks.
Created gummi tracking bugs for this issue:
Affects: fedora-all [bug 1270817]
Upstream bug report: https://github.com/alexandervdm/gummi/issues/20
gummi-0.6.6-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
gummi-0.6.6-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.