CVE-2004-0966

Publication date 9 February 2005

Last updated 24 July 2024

Ubuntu priority

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
gettext	7.04 feisty	Fixed 0.14.5-2ubuntu3
	6.10 edgy	Fixed 0.14.5-2ubuntu3
	6.06 LTS dapper	Fixed 0.14.5-2ubuntu3

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-5-1
gettext vulnerabilities
27 October 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0966