CVE-2008-2389
CVE-2008-2389 affects opensuse-updater in openSUSE 10.2. Local users can access arbitrary files via a symlink attack due to improper handling of symbolic links in the updater. The issue is publicly documented across multiple feeds; SUSE fixed it in SUSE-SR:2008:012 (security advisory).