Debian Security Advisory DSA 292-3 (mime-support)

The remote host is missing an update to mime-support announced via advisory DSA 292-3.

I am awfully and sincerely sorry. Apparently, I wasn't able to assign enough time to this issue and produced insufficiently tested updates. I'll do my best not to repeat this. This update fixes the second problem from the original advisory: When run-mailcap is executed on a file with a potentially problematic filename, a temporary file is created (not insecurely anymore), removed and a symbolic link to this filename is created. An attacker could recreate the file before the symbolic link is created, forcing the display program to display different content. For the stable distribution (woody) this problem has been corrected in version 3.18-1.3. For the old stable distribution (potato) this problem has been corrected in version 3.9-1.3. For the unstable distribution (sid) this problem has been fixed in version 3.23-1. We recommend that you upgrade your mime-support packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20292-3