[Frugalware-security] [ FSA-53 ] texinfo

voroskoi noreply at frugalware.org
Thu Nov 23 19:53:45 CET 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-53

Date: 2006-11-23
Package: texinfo
Vulnerable versions: <= 4.8-7
Unaffected versions: >= 4.8-8siwenna1
Related bugreport: http://bugs.frugalware.org/task/1460
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810

Description
===========

A boundary error exists within the &quot;readline()&quot; function in texindex.c. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted Texinfo file.

Updated Packages
================

Check if you have texinfo installed:

	# pacman -Q texinfo

If found, then you should upgrade to the latest version:

	# pacman -Sy texinfo

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFFZe45Z7NElSD1VhkRAghQAKCAdW9dolxrzN8340wJuEHKF6e26QCfaJfi
LczS6A0pEHxnvXSDv5bs1rQ=
=Aj/k
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list