CVE-2008-1694

Publication date 22 April 2008

Last updated 24 July 2024


Ubuntu priority

vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Status

Package Ubuntu Release Status
emacs21 9.10 karmic Not in release
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 21.4a+1-5.3ubuntu1.1
7.10 gutsy
Fixed 21.4a+1-5ubuntu4.1
7.04 feisty
Fixed 21.4a+1-2ubuntu1.2
6.06 LTS dapper
Fixed 21.4a-3ubuntu2.2
emacs22 9.10 karmic
Fixed 22.2-0ubuntu2
9.04 jaunty
Fixed 22.2-0ubuntu2
8.10 intrepid
Fixed 22.2-0ubuntu2
8.04 LTS hardy
Fixed 22.1-0ubuntu10.1
7.10 gutsy
Fixed 22.1-0ubuntu5.2
7.04 feisty Not in release
6.06 LTS dapper Not in release
xemacs21 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 21.4.21-1ubuntu3.1
7.10 gutsy
Fixed 21.4.20-1.1ubuntu0.1
7.04 feisty
Fixed 21.4.19-2ubuntu0.1
6.06 LTS dapper
Fixed 21.4.18-1ubuntu1.1

References

Related Ubuntu Security Notices (USN)

Other references