Debian Security Advisory DSA 806-1 - Marcus Meissner discovered that the cvsbug program from gcvs, the Graphical frontend for CVS, which serves the popular Concurrent Versions System, uses temporary files in an insecure fashion.
22c1553dccc4c94be862c8286a2bfbd11b58c2658a49caf956aae3fdeeaf2596
FreeBSD Security Advisory FreeBSD-SA-05-20.cvsbug - A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file.
42359b765b65baccde1ce2c51098dbada23fc98d9631451d3ea628c76795611b