Debian Security Advisory

DSA-001-1 ed -- symlink attack

Date Reported:
29 Nov 2000
Affected Packages:
ed
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2000-1137.
More information:
Alan Cox discovered that GNU ed (a classic line editor tool) created temporary files unsafely. This has been fixed in version 0.2-18.1.
Fixed in:

Debian 2.2 (potato)

Source:
http://security.debian.org/dists/stable/updates/main/source/ed_0.2-18.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/ed_0.2-18.1.dsc
http://security.debian.org/dists/stable/updates/main/source/ed_0.2.orig.tar.gz
alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/ed_0.2-18.1_alpha.deb
arm:
http://security.debian.org/dists/stable/updates/main/binary-arm/ed_0.2-18.1_arm.deb
i386:
http://security.debian.org/dists/stable/updates/main/binary-i386/ed_0.2-18.1_i386.deb
m68k:
http://security.debian.org/dists/stable/updates/main/binary-m68k/ed_0.2-18.1_m68k.deb
powerpc:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ed_0.2-18.1_powerpc.deb
sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/ed_0.2-18.1_sparc.deb