Problem description
The "sort_offline" function used by texindex(1) employs the
"maketempname" function, which produces predictable file names
and fails to validate that the paths do not exist.
Impact
These predictable temporary file names are problematic because
they allow an attacker to take advantage of a race condition in
order to execute a symlink attack, which could enable them to
overwrite files on the system in the context of the user running
the texindex(1) utility.
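
The pattern described above, as an added example that is not taken from the texindex source or from this advisory: a guessable name opened without an existence check, next to exclusive creation with O_EXCL and with mkstemp(3). The function names, the "txi0001" file name and the "/tmp/txidemo" directory are constructed for illustration; the self-check runs entirely inside a private directory it creates and removes.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: a guessable name opened with no existence check.
 * O_CREAT|O_TRUNC follows a symlink already sitting at that name. */
int open_predictable(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: O_EXCL makes creation atomic and fails with EEXIST if anything,
 * including a dangling symlink, already occupies the name. */
int open_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Preferred: mkstemp(3) picks an unpredictable name and creates the file
 * exclusively with mode 0600. tmpl must end in "XXXXXX". */
int open_unpredictable(char *tmpl)
{
    return mkstemp(tmpl);
}

/* Self-check in a private directory: place a symlink at a constructed,
 * guessable name and test both openers against it. Returns a bitmask:
 * bit 1 (2) = exclusive opener refused, bit 0 (1) = weak opener followed. */
int symlink_check(void)
{
    char dir[] = "/tmp/txidemo.XXXXXX", lnk[64], target[64];
    struct stat st;
    int fd, result = 0;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(lnk, sizeof lnk, "%s/txi0001", dir);     /* constructed name */
    snprintf(target, sizeof target, "%s/victim", dir);
    if (symlink(target, lnk) != 0) return -1;
    fd = open_exclusive(lnk);
    if (fd < 0 && errno == EEXIST && stat(target, &st) != 0) result |= 2;
    if (fd >= 0) close(fd);
    fd = open_predictable(lnk);
    if (fd >= 0) { close(fd); if (stat(target, &st) == 0) result |= 1; }
    unlink(target); unlink(lnk); rmdir(dir);
    return result;
}
```

A return value of 3 from symlink_check() means the exclusive open was refused with EEXIST while the unchecked open created the file the link pointed at.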
Workaround
No workaround is available, but the problematic code is only
executed if the input file being processed is 500kB or more in
length; as a result, users working with documents of less than
several hundred pages are very unlikely to be affected.