Bug 393251 - (CVE-2007-6061) CVE-2007-6061 Audacity insecure temporary file handling
CVE-2007-6061 Audacity insecure temporary file handling
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 436260
  Show dependency treegraph
Reported: 2007-11-20 16:59 EST by Red Hat Product Security
Modified: 2016-03-04 07:46 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-07-25 06:18:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Lubomir Kundrak 2007-11-20 16:59:26 EST
Description of problem:

As per report from Gentoo (see URL) Anaconda uses a temporary file with
predictable name, which can be exploited locally by conducting a symlink attack
to remove arbitrary file from victim's home directory.
Comment 1 Lubomir Kundrak 2007-11-20 17:00:08 EST
Comment 2 Lubomir Kundrak 2007-11-20 17:01:47 EST
CVE identifier for this issue was requested.
Comment 3 Tomas Hoger 2008-03-03 03:01:04 EST
Gentoo has released a security advisory to address this flaw:


Here is the patch used by Gentoo:

Comment 5 Huzaifa S. Sidhpurwala 2008-05-01 23:27:14 EDT
Any idea, as to when this will be fixed in fedora?
Comment 6 Fedora Update System 2008-05-10 09:55:07 EDT
audacity-1.3.2-21.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2008-05-10 09:56:17 EDT
audacity-1.3.2-21.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Michael Schwendt 2008-05-13 17:05:56 EDT
Auto-closing this failed due to a bug in bodhi.
Comment 9 Mark J. Cox (Product Security) 2008-05-14 04:44:57 EDT
opening, shouldn't be autoclosed as this is the bug we use for tracing audacity
across all red hat products and services, not just Fedora.
Comment 11 Red Hat Product Security 2008-07-25 06:18:41 EDT
This issue was addressed in:


Comment 12 Red Hat Bugzilla 2009-10-23 15:06:11 EDT
Reporter changed to security-response-team@redhat.com by request of Jay Turner.

Note You need to log in before you can comment on or make changes to this bug.