Debian Linux Security Advisory 4415-1 - An arbitrary file read vulnerability was discovered in passenger, a web application server. A local user allowed to deploy an application to passenger, can take advantage of this flaw by creating a symlink from the REVISION file to an arbitrary file on the system and have its content displayed through passenger-status.
9f057adda00e1dddddac99f3a6b2a364e00a4afe17f66947a1eafacbfce8d8c0