It has been discovered that tkmail creates temporary files insecurely.
Exploiting this an attacker with local access can easily create and
overwrite files as another user.
This problem has been fixed in version 4.0beta9-8.1 for the current
stable distribution (woody), in version 4.0beta9-4.1 for the old
stable distribution (potato) and in version 4.0beta9-9 for the
unstable distribution (sid).
We recommend that you upgrade your tkmail packages.