Gentoo Security Advisory GLSA 200410-24 (mit-krb5)

The remote host is missing updates announced in advisory GLSA 200410-24.
All MIT krb5 users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-crypt/mit-krb5-1.3.4-r1' # emerge '>=app-crypt/mit-krb5-1.3.4-r1'
The script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.