VDB
GCVE-110-MAGEIA-2013-331
GCVE-110-MAGEIA-2013-331
Advisory Published
Updated pmake package fixes security vulnerability:
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and
earlier, allow local users to overwrite arbitrary files via a symlink attack
on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk
(CVE-2011-1920).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | pmake | 0 (affected), 1.45-11.1.mga3 (unaffected) | — |
| Mageia | pmake | 0 (affected), 1.45-10.1.mga2 (unaffected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.