[wml] [CVE-2008-0665] [CVE-2008-0666] insecure temporary files

hardy fixed.

+wml (2.0.11-2ubuntu0.1) gutsy-security; urgency=low
+
+ * debian/control
+ - updated maintainer field
+ * SECURITY UPDATE: (LP: #191205)
+ + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
+ - in Website META Language (WML) 2.0.11 allows local
+ users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
+ temporary file.
+ + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
+ - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
+ files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
+ wml_contrib/wmg.cgi and (2) temporary files used by
+ wml_backend/p3_eperl/eperl_sys.c.
+ * References
+ + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
+ + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
+ + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907
+
+ -- Emanuele Gentili <email address hidden> Mon, 10 Mar 2008 16:58:14 +0100

same edgy version, debdiff attached.

Edgy/Dapper versions need to follow the SUP's versioning scheme -- they can't be the same version number in security updates.

[1] https://wiki.ubuntu.com/SecurityUpdateProcedures

Feisty and Gutsy uploaded, thanks! They should publish shortly.

Sorry to keep picking on these debdiffs, but dapper and edgy can't have maintainer field updates -- the build tools don't expect it.

Great! Thanks, dapper/edgy have been uploaded.

This bug was fixed in the package wml - 2.0.11-2ubuntu0.1

---------------
wml (2.0.11-2ubuntu0.1) gutsy-security; urgency=low

  * debian/control
   - updated maintainer field
  * SECURITY UPDATE: (LP: #191205)
   + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
    - in Website META Language (WML) 2.0.11 allows local
      users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
      temporary file.
   + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
    - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
      files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
      wml_contrib/wmg.cgi and (2) temporary files used by
      wml_backend/p3_eperl/eperl_sys.c.
  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907

 -- Emanuele Gentili <email address hidden> Mon, 10 Mar 2008 16:58:14 +0100

This bug was fixed in the package wml - 2.0.11-1ubuntu0.1

---------------
wml (2.0.11-1ubuntu0.1) feisty-security; urgency=low

  * debian/control
   - updated maintainer field
  * SECURITY UPDATE: (LP: #191205)
   + wml_backend/p1_ipp/ipp.src (CVE-2008-0665)
    - in Website META Language (WML) 2.0.11 allows local
      users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp
      temporary file.
   + wlm_backend/p3_eperl/eperl_sys.c wml_contrib/wmg.cgi (CVE-2008-0666)
    - Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary
      files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by
      wml_contrib/wmg.cgi and (2) temporary files used by
      wml_backend/p3_eperl/eperl_sys.c.
  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0665
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0666
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463907

 -- Emanuele Gentili <email address hidden> Mon, 10 Mar 2008 17:28:13 +0100