USN-1979-1: txt2man vulnerability
30 September 2013
txt2man could be made to overwrite files.
- txt2man - Converts flat ASCII text to man page format
Patrick J Cherry discovered that txt2man contained leftover debugging code
that incorrectly created a temporary file. A local attacker could possibly
use this issue to overwrite arbitrary files. In the default Ubuntu
installation, this should be prevented by the Yama link restrictions.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.