VDB

GCVE-110-MAGEIA-2013-331

GCVE-110-MAGEIA-2013-331
Advisory Published
Vulnetix · Advisory published November 20, 2013
Updated pmake package fixes security vulnerability: The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk (CVE-2011-1920).

Affected Products

VendorProductVersionsPlatforms
Mageiapmake0 (affected), 1.45-11.1.mga3 (unaffected)
Mageiapmake0 (affected), 1.45-10.1.mga2 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›