eldav -- insecure temporary file

2003-06-19T00:00:00
ID DSA-325
Type debian
Reporter Debian
Modified 2003-06-19T00:00:00

Description

eldav, a WebDAV client for Emacs, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of the user running emacs and eldav.

For the stable distribution (woody) this problem has been fixed in version 0.0.20020411-1woody1.

The old stable distribution (potato) does not contain an eldav package.

For the unstable distribution (sid) this problem has been fixed in version 0.7.2-1.

We recommend that you update your eldav package.