Date: Wed, 7 Mar 2001 23:55:55 +0100
From: Martin Schulze firstname.lastname@example.org
To: Debian Security Announcements
Subject: [SECURITY] [DSA 037-1] New versions of Athena Widget
replacement libraries available
Package : nextaw, xaw3d, xaw95
Vulnerability : insecure tempfile handling
Type : local insecure tempfile bug
Fixed version : nextaw 0.5.1-34potato1
It has been reported that the AsciiSrc and MultiSrc widget in the
Athena widget library handle temporary files insecurely. Joey Hess
has ported the bugfix from XFree86 to these Xaw replacements
We recommend you upgrade your nextaw, xaw3d and xaw95
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and
sparc architectures. This package, though, is only fixed for i386
and m68k. The version for sparc is still vulnerable and isn't
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.