A Debian bug report [1] indicated that the pdfroff utility uses $$ (the current process's PID) to create predictable temporary files.

pdfroff is not included in older versions of groff as provided with Red Hat Enterprise Linux 6 or earlier (1.18.1), but is included in 1.20 and higher, so Fedora 14 and higher are affected. As well, older groff includes the groff-1.18.1.4-sectmp.patch patch which fixes other temporary file issues; however, Fedora 14 and higher do not include a similar patch.

Recommend using the Openwall patch [2] in Fedora 14 and higher to secure this flaw and other temporary file issues that had previously been protected with the aforementioned patch.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330
[2] http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff?rev=1.2;content-type=text%2Fplain

Statement:

Not vulnerable. This issue did not affect the versions of groff as shipped with Red Hat Enterprise Linux 4, 5, or 6.
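The PID-based naming described in the report above, next to a safer way for a shell script to get scratch space. This is an added example, not code from groff, pdfroff or the Openwall patch; the function names and the `pdf` prefix are hypothetical.

```shell
#!/bin/sh
# Added example; not groff/pdfroff code. Function names are hypothetical.

# Weak pattern from the report: the name depends only on the PID ($$),
# so any local user who can write to the directory can create it first.
predictable_name() {    # $1 = base directory, $2 = prefix
    printf '%s/%s%s\n' "$1" "$2" "$$"
}

# Safer pattern: mktemp picks a random suffix and creates the directory
# atomically with mode 0700; it fails rather than reuse an existing path.
make_private_tmpdir() {    # $1 = base directory, $2 = prefix
    ( umask 077 && mktemp -d "$1/$2.XXXXXXXXXX" )
}

# Fallback where mktemp is unavailable: mkdir fails if the path already
# exists (file, directory or symlink), so a planted entry is never reused.
make_private_tmpdir_mkdir() {    # $1 = full path to create
    ( umask 077 && mkdir "$1" ) 2>/dev/null
}

# Run a command with a private scratch directory appended as its last
# argument, then remove the directory and return the command's status.
run_with_private_tmpdir() {    # $1 = base, $2 = prefix, rest = command
    _base=$1; _prefix=$2; shift 2
    _dir=$(make_private_tmpdir "$_base" "$_prefix") || return 1
    "$@" "$_dir"; _rc=$?
    rm -rf -- "$_dir"
    return "$_rc"
}

# Demo: list the (empty, mode 0700) scratch directory, then clean up.
run_with_private_tmpdir "${TMPDIR:-/tmp}" pdf ls -ld
```

Keeping every intermediate file inside the private directory means the individual file names no longer need to be unpredictable.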
Created groff tracking bugs for this issue

Affects: fedora-14 [bug 709414]
Affects: fedora-15 [bug 709415]
groff-1.21-4.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
groff-1.21-4.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
groff-1.21-9.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.