[Frugalware-darcs] homepage-ng: FSA58-gv

voroskoi voroskoi at frugalware.org
Fri Nov 24 00:49:23 CET 2006

Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20061123234509-dd049-39fa40830f73446d378eb91b27d1a259cc485824.gz;

voroskoi <voroskoi at frugalware.org>**20061123234509] {
hunk ./frugalware/xml/security.xml 29
+	<fsa>
+		<id>58</id>
+		<date>2006-11-24</date>
+		<author>voroskoi</author>
+		<package>gv</package>
+		<vulnerable>3.6.1-3</vulnerable>
+		<unaffected>3.6.1-4siwenna1</unaffected>
+		<bts>http://bugs.frugalware.org/task/1462</bts>
+		<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864</cve>
+		<desc>Renaud Lifchitz has reported a vulnerability in GNU gv, which can be exploited by malicious people to compromise a user's system.
+			The vulnerability is caused due to a boundary error within the "ps_gettext()" function in ps.c. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PostScript file.</desc>
+	</fsa>

More information about the Frugalware-darcs mailing list