
Debian Security Advisory

DSA-1960-1 acpid -- programming error

Date Reported:
19 Dec 2009
Affected Packages:
acpid
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2009-4235.
More information:

It was discovered that acpid, the Advanced Configuration and Power Interface event daemon, on the oldstable distribution (etch) creates its log file with weak permissions, which might expose sensitive information or might be abused by a local user to consume all free disk space on the same partition of the file.
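The defect class described above is a log file created with a mode that leaves it readable or writable by other local users. The following added example, which is not acpid's or Debian's code, contrasts that pattern with a hardened open and includes a small audit check an administrator can run against any log path. The function names (open_log_weak, open_log_secure, log_mode_is_weak, run_demo) and the temporary paths under /tmp are assumptions made for this illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Audit helper: returns 1 if the file at `path` grants any permission to
 * group or others, 0 if it is owner-only, -1 if it cannot be stat'ed. */
int log_mode_is_weak(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) != 0;
}

/* Weak pattern (illustrative, not acpid's actual code): a 0666 creation mode
 * means only the process umask decides who else can read or write the log. */
int open_log_weak(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_APPEND, 0666);
}

/* Hardened pattern: owner-only mode independent of umask, no symlink
 * following, close-on-exec, and a post-open check that repairs the mode of a
 * pre-existing file and refuses files we do not own or that are not regular. */
int open_log_secure(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0 && fchmod(fd, 0600) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Runs both patterns in a fresh temporary directory (constructed sample
 * paths) and returns 0 if every expectation holds, otherwise a bitmask
 * identifying which step failed. */
int run_demo(void) {
    char dir[] = "/tmp/logperm-demo-XXXXXX";
    if (mkdtemp(dir) == NULL) return 1;
    char weak_path[256], safe_path[256];
    snprintf(weak_path, sizeof weak_path, "%s/weak.log", dir);
    snprintf(safe_path, sizeof safe_path, "%s/safe.log", dir);

    mode_t old = umask(022);          /* a typical default umask */
    int rc = 0;
    int fd = open_log_weak(weak_path);
    if (fd < 0) rc |= 2; else close(fd);
    if (log_mode_is_weak(weak_path) != 1) rc |= 4;   /* 0644: group/other can read */

    fd = open_log_secure(safe_path);
    if (fd < 0) rc |= 8; else close(fd);
    if (log_mode_is_weak(safe_path) != 0) rc |= 16;  /* 0600 regardless of umask */

    /* The hardened open also tightens a log file left behind by a weak open. */
    fd = open_log_secure(weak_path);
    if (fd < 0) rc |= 32; else close(fd);
    if (log_mode_is_weak(weak_path) != 0) rc |= 64;

    umask(old);
    unlink(weak_path);
    unlink(safe_path);
    rmdir(dir);
    return rc;
}

int main(void) {
    int rc = run_demo();
    printf("demo result: %d (%s)\n", rc, rc == 0 ? "all checks passed" : "a check failed");
    return rc == 0 ? 0 : 1;
}
```

The repair step in open_log_secure is what an updated package needs in addition to a correct creation mode: a file created by an older version keeps its permissions until something fixes them, which is why the lenny and sid updates are described as fixing the permissions of logs created by older versions.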

For the oldstable distribution (etch), this problem has been fixed in version 1.0.4-5etch4.

The stable distribution (lenny), in version 1.0.8-1lenny2, and the unstable distribution (sid), in version 1.0.10-5, have been updated to fix the weak file permissions of log files created by older versions.

We recommend that you upgrade your acpid packages.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Source:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch4.diff.gz
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4.orig.tar.gz
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch4.dsc
AMD64:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch4_amd64.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch4_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.4-5etch4_ia64.deb

Debian GNU/Linux 5.0 (lenny)

Source:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny2.diff.gz
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny2.dsc
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8.orig.tar.gz
AMD64:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny2_amd64.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny2_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/a/acpid/acpid_1.0.8-1lenny2_ia64.deb

MD5 checksums of the listed files are available in the original advisory.