tunapie - several vulnerabilities

Several vulnerabilities have been discovered in Tunapie, a GUI frontend
to video and radio streams. The Common Vulnerabilities and Exposures
project identifies the following problems:

• CVE-2009-1253
  Kees Cook discovered that insecure handling of temporary files may
  lead to local denial of service through symlink attacks.
• CVE-2009-1254
  Mike Coleman discovered that insufficient escaping of stream
  URLs may lead to the execution of arbitrary commands if a user
  is tricked into opening a malformed stream URL.

For the old stable distribution (etch), these problems have been fixed
in version 1.3.1-1+etch2. Due to a technical problem, this update cannot
be released synchronously with the stable (lenny) version, but will
appear soon.

For the stable distribution (lenny), these problems have been fixed in
version 2.1.8-2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your tunapie package.