Trustix developers discovered insecure temporary file creation in a supplemental script in the lvm10 package that didn't check for existing temporary directories, allowing local users to overwrite files via a symlink attack. For the stable distribution (woody) this problem has been fixed in version 1.0.4-5woody2. For the unstable distribution (sid) this problem has been fixed in version 1.0.8-8. We recommend that you upgrade your lvm10 package.
Trustix developers discovered insecure temporary file creation in a supplemental script in the lvm10 package that didn't check for existing temporary directories, allowing local users to overwrite files via a symlink attack.
For the stable distribution (woody) this problem has been fixed in version 1.0.4-5woody2.
For the unstable distribution (sid) this problem has been fixed in version 1.0.8-8.
We recommend that you upgrade your lvm10 package.
MD5 checksums of the listed files are available in the original advisory.