Your submission was sent successfully! Close

USN-657-1: Amarok vulnerability

21 October 2008

Amarok vulnerability

Releases

Packages

Details

Dwayne Litzenberger discovered that Amarok created temporary files in
an insecure way. Local users could exploit a race condition to create
or overwrite files with the privileges of the user invoking the
program. (CVE-2008-3699)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04
Ubuntu 7.10

After a standard system upgrade you need to restart Amarok to effect
the necessary changes.

References