Joined: 12 May 2004
|Posted: Sun Oct 16, 2011 7:26 pm Post subject: [ GLSA 201110-09 ] Conky: Privilege escalation
|Gentoo Linux Security Advisory
Title: Conky: Privilege escalation (GLSA 201110-09)
Date: October 13, 2011
A privilege escalation vulnerability was found in Conky.
Conky is an advanced, highly configurable system monitor for X.
Vulnerable: < 1.8.1-r2
Unaffected: >= 1.8.1-r2
Architectures: All supported architectures
A privilege escalation vulnerability due to an insecure temporary file
was found in Conky.
A local attacker could possibly overwrite arbitrary files with the
privileges of the user running Conky.
There is no known workaround at this time.
All Conky users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/conky-1.8.1-r2"