Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2008-1694

Publication date 22 April 2008

Last updated 24 July 2024


Ubuntu priority

vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Status

Package Ubuntu Release Status
emacs21 9.10 karmic Not in release
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 21.4a+1-5.3ubuntu1.1
7.10 gutsy
Fixed 21.4a+1-5ubuntu4.1
7.04 feisty
Fixed 21.4a+1-2ubuntu1.2
6.06 LTS dapper
Fixed 21.4a-3ubuntu2.2
emacs22 9.10 karmic
Fixed 22.2-0ubuntu2
9.04 jaunty
Fixed 22.2-0ubuntu2
8.10 intrepid
Fixed 22.2-0ubuntu2
8.04 LTS hardy
Fixed 22.1-0ubuntu10.1
7.10 gutsy
Fixed 22.1-0ubuntu5.2
7.04 feisty Not in release
6.06 LTS dapper Not in release
xemacs21 9.10 karmic
Not affected
9.04 jaunty
Not affected
8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 21.4.21-1ubuntu3.1
7.10 gutsy
Fixed 21.4.20-1.1ubuntu0.1
7.04 feisty
Fixed 21.4.19-2ubuntu0.1
6.06 LTS dapper
Fixed 21.4.18-1ubuntu1.1

References

Related Ubuntu Security Notices (USN)

Other references