1
Candidate: CVE-2011-0702
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0702
6
The feh_unique_filename function in utils.c in feh before 1.11.2 might
7
allow local users to overwrite arbitrary files via a symlink attack on a
8
/tmp/feh_ temporary file.
11
mdeslaur> maverick+ may be unaffected because of symlink restrictions
13
https://bugs.launchpad.net/ubuntu/+source/feh/+bug/607328
14
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612035
15
https://github.com/derf/feh/issues/#issue/32
16
https://bugzilla.redhat.com/show_bug.cgi?id=676389
22
upstream: https://derf.homelinux.org/git/feh/commit/?id=23421a86cc826dd30f3dc4f62057fafb04b3ac40
23
upstream_feh: released (1.11.2)
24
dapper_feh: ignored (reached end-of-life)
25
hardy_feh: ignored (reached end-of-life)
26
karmic_feh: ignored (reached end-of-life)
27
lucid_feh: ignored (reached end-of-life)
28
maverick_feh: ignored (reached end-of-life)
29
natty_feh: ignored (reached end-of-life)
30
oneiric_feh: not-affected (1.13-1)
31
precise_feh: not-affected (1.13-1)
32
quantal_feh: not-affected (1.13-1)
33
raring_feh: not-affected (1.13-1)
34
saucy_feh: not-affected (1.13-1)
35
devel_feh: not-affected (1.13-1)