Tripwire contains a flaw that may allow a malicious user to overwrite arbitrary files. The problem is that the program creates temporary files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symbolic link in the /tmp directory to overwrite arbitrary files on the system resulting in a loss of integrity.
Upgrade to version 2.3.1-2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.