Trustix developers discovered insecure temporary file creation in a
supplemental script (der_chop) of the openssl package which may allow
local users to overwrite files via a symlink attack.