lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue Oct  4 13:20:34 2005
From: martin.pitt at (Martin Pitt)
Subject: [USN-193-1] dia vulnerability

Ubuntu Security Notice USN-193-1	   October 04, 2005
dia vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to
version 0.94.0-5ubuntu1.1.  After a standard system upgrade you have
to restart dia to effect the necessary changes.

Details follow:

Joxean Koret discovered that the SVG import plugin did not properly
sanitise data read from an SVG file. By tricking an user into opening
a specially crafted SVG file, an attacker could exploit this to
execute arbitrary code with the privileges of the user.

  Source archives:
      Size/MD5:    14159 e9704dd46e24cb3cd11874a499692b6e
      Size/MD5:     1408 9d47820c11fde0876377ec119bdd6a7e
      Size/MD5:  5241128 d2afdc10f55df29314250d98dbfd7a79

  Architecture independent packages:
      Size/MD5:  2148620 255d09ecefe04651433da82730b2b17d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   194718 c8d54ed3e5ac7a0cc006a951e08be9d0
      Size/MD5:   658936 b80672bede2ca8081017f0a9dc70a483
      Size/MD5:   193040 ed010c5c285236d0306f3faf1a31142d

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:   176774 dbfd08f4eb1a3ac2c03708f642e0b669
      Size/MD5:   579934 2f8e713d629000abccb740c17e108b01
      Size/MD5:   175298 2b760f4256be15ee369b300dc46d6d94

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   184416 1f3ee515f8addd2716141de23dc66833
      Size/MD5:   674436 7988c9c44120c67552248aedb5129b67
      Size/MD5:   182920 411970ed6af036ebd895b7f8659f9944
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :

Powered by blists - more mailing lists