The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
http://secunia.com/advisories/28838
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html