• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Emacs flim Library Insecure Temporary File Creation Vulnerability

Solution:
Debian has released an advisory (DSA 500-1) and fixes for this issue. See the referenced advisory for links to fixed packages.

RedHat has released an advisory (RHSA-2004:344-04) to address this issue in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.

Red Hat has released a Fedora legacy advisory (FLSA:1581) to address this issue in flim. This advisory fixes the issue in Red Hat Linux 7.3 and 9 running on the i386 architecture. Please see the referenced advisory for more details and information about obtaining fixes.

Red Hat Fedora has released an advisory dealing with this issue for their Core 2 product. Please see the referenced advisory for more information.


RedHat Fedora Core2

• RedHat flim-1.14.7-0.FC2.noarch.rpm
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/i386 /flim-1.14.7-0.FC2.noarch.rpm


• RedHat flim-1.14.7-0.FC2.noarch.rpm
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/x86_ 64/flim-1.14.7-0.FC2.noarch.rpm

Debian Linux 3.0

• Debian flim_1.14.3-9woody1_all.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/f/flim/flim_1.14.3-9woody 1_all.deb