<?xml version="1.0" encoding="utf-8"?>
<glsa id="200803-03">
<title>Audacity: Insecure temporary file creation</title>
Audacity uses temporary files in an insecure manner, allowing for a symlink
<product type="ebuild">audacity</product>
<announced>March 02, 2008</announced>
<revised>March 02, 2008: 01</revised>
<package name="media-sound/audacity" auto="yes" arch="*">
<unaffected range="ge">1.3.4-r1</unaffected>
<vulnerable range="lt">1.3.4-r1</vulnerable>
Audacity is a free cross-platform audio editor.
Viktor Griph reported that the "AudacityApp::OnInit()" method in file
src/AudacityApp.cpp does not handle temporary files properly.
<impact type="normal">
A local attacker could exploit this vulnerability to conduct symlink
attacks to delete arbitrary files and directories with the privileges
of the user running Audacity.
There is no known workaround at this time.
All Audacity users should upgrade to the latest version:
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=media-sound/audacity-1.3.4-r1&quot;</code>
<uri link="">CVE-2007-6061</uri>
<metadata tag="requester" timestamp="Wed, 20 Feb 2008 00:55:24 +0000">
<metadata tag="submitter" timestamp="Tue, 26 Feb 2008 22:46:54 +0000">
<metadata tag="bugReady" timestamp="Tue, 26 Feb 2008 22:47:07 +0000">