nedit -- insecure temporary file

ID DSA-053
Type debian
Reporter Debian
Modified 2001-04-27T00:00:00


The nedit (Nirvana editor) package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file with the to be printed text and pass that on to the print system. The temporary file was not created safely, which could be exploited by an attacked to make nedit overwrite arbitrary files.

This has been fixed in version 5.02-7.1.