A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
groff
The problem can be corrected by upgrading the affected package to version 1.18.1.1-1ubuntu0.2. In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Javier Fernández-Sanguino Peña discovered that the auxiliary scripts "eqn2graph" and "pic2graph" created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.