Mandriva Linux Security Advisory : glib2.0 (MDVSA-2009:245)
Medium Nessus Plugin ID 41619
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered and corrected in glib2.0 :
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory (CVE-2009-3289).
This update provides a solution to this vulnerability.
SolutionUpdate the affected packages.