Debian Security Advisory DSA 843-1 - Two vulnerabilities have been discovered in the ARC archive program under Unix. Eric Romang discovered that the ARC archive program under Unix creates a temporary file with insecure permissions which may lead to an attacker stealing sensitive information. Joey Schulze discovered that the temporary file was created in an insecure fashion as well, leaving it open to a classic symlink attack.
eb2cbddd736529606b33b4da39783e988ab08f14b95f9c3258caf3b846daff7c