Debian Security Advisory 636-1 - Several insecure uses of temporary files have been discovered in support scripts in the libc6 package which provides the c library for a GNU/Linux system. Trustix developers found that the catchsegv script uses temporary files insecurely. Openwall developers discovered insecure temporary files in the glibcbug script. These scripts are vulnerable to a symlink attack.
ecf96ce0bebe95a4b7e9b26f4e8bebb7a28ac97d160e4fe84306169da911cc67