Red Hat Bugzilla – Bug 98817
CAN-2003-0440 semi has tmp file vulnerability
Last modified: 2007-11-30 17:06:53 EST
Description of problem:
Quoting from DSA-339-1:
semi, a MIME library for GNU Emacs, does not take appropriate
security precautions when creating temporary files. This bug could
potentially be exploited to overwrite arbitrary files with the
privileges of the user running Emacs and semi, potentially with
contents supplied by the attacker.
Version-Release number of selected component (if applicable):
Affects: 7.1, 7.2, 7.3
Affects: 2.1AS 2.1AW 2.1ES 2.1WS
RHSA-2003:231 in progress
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.