[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200607242104.k6OL4Od6019025@lambchop.rdu.rpath.com>
Date: Mon, 24 Jul 2006 17:04:24 -0400
From: "Justin M. Forbes" <jmforbes@...th.com>
To: security-announce@...ts.rpath.com, update-announce@...ts.rpath.com
Cc: lwn@....net, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: rPSA-2006-0135-1 gimp
rPath Security Advisory: 2006-0135-1
Published: 2006-07-24
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
User Deterministic Privilege Escalation
Updated Versions:
gimp=/conary.rpath.com@rpl:devel//1/2.2.8-8.2-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404
https://issues.rpath.com/browse/RPL-522
Description:
Previous versions of the gimp package are vulnerable to an attack
in which an intentionally corrupted XCF file (the native gimp file
format) could cause the gimp to crash or to execute code supplied
in the XCF file by the attacker.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists