Synopsis: Low: ccs security update Issue date: 2011-02-16 CVE Names: CVE-2008-6552 An insecure temporary file use flaw was found in ccs_tool. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite (with the output of ccs_tool) an arbitrary file writable by the victim running ccs_tool. (CVE-2008-6552) SL 4.x SRPMS: ccs-1.0.13-2.src.rpm i386: ccs-1.0.13-2.i686.rpm ccs-devel-1.0.13-2.i686.rpm x86_64: ccs-1.0.13-2.x86_64.rpm ccs-devel-1.0.13-2.x86_64.rpm -Connie Sieh -Troy Dawson