GCC-XML is an XML output extension to the C++ front-end of GCC.
Dmitry E. Oboukhov reported that find_flags in GCC-XML does not handle "/tmp/*.cxx" temporary files securely.
A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.
There is no known workaround at this time.
All GCC-XML users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-cpp/gccxml-0.9.0_pre20090516"