Steve Kemp from the Debian Security Audit project discovered that
fireflier-server, an interactive firewall rule creation tool, uses temporary
files in an unsafe manner which may be exploited to remove arbitrary files from
the local system.
For the old stable distribution (sarge) this problem has been fixed in
version 1.1.5-1sarge1.
For the stable distribution (etch) this problem has been fixed in
version 1.1.6-3etch1.
For the unstable distribution (sid) this problem will be fixed shortly.
We recommend that you upgrade your fireflier-server package.