MGASA-2013-0331

Source
https://advisories.mageia.org/MGASA-2013-0331.html
Import Source
https://advisories.mageia.org/MGASA-2013-0331.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2013-0331
Upstream
  • CVE-2011-1920
Published
2013-11-20T20:26:06Z
Modified
2026-04-16T06:22:32.167020026Z
Summary
Updated pmake packages fix CVE-2011-1920
Details

Updated pmake package fixes security vulnerability:

The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk (CVE-2011-1920).

References
Credits

Affected packages

Mageia:2 / pmake

Package

Name
pmake
Purl
pkg:rpm/mageia/pmake?arch=source&distro=mageia-2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.45-10.1.mga2

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2013-0331.json"

Mageia:3 / pmake

Package

Name
pmake
Purl
pkg:rpm/mageia/pmake?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.45-11.1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2013-0331.json"