javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-base" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-base-core" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-base-core-dbg" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-base-dev" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-base-html" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-doc-html" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-doc-info" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-doc-pdf" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-mathlib" }, { "binary_version": "3.4.4-1ubuntu1", "binary_name": "r-recommended" } ] }