Darcsweb-Url:
http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20061205223805-dd049-4519d83c822ab836c0c09a6b54005a9008f1f4e0.gz;
[FSA63-libgsf
voroskoi <[EMAIL PROTECTED]>**20061205223805] {
hunk ./frugalware/xml/security.xml 29
+ <fsa>
+ <id>63</id>
+ <date>2006-12-05</date>
+ <author>voroskoi</author>
+ <package>libgsf</package>
+ <vulnerable>1.14.1-3</vulnerable>
+ <unaffected>1.14.1-4siwenna1</unaffected>
+ <bts>http://bugs.frugalware.org/task/1503</bts>
+
<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514</cve>
+ <desc>A vulnerability has been reported in libgsf, which
potentially can be exploited by malicious people to compromise an application
using the library.
+ The vulnerability is caused due to a boundary error
within the "ole_info_read_metabat()" function in gsf/gsf-infile-msole.c. This
can be exploited to cause a heap-based buffer overflow by e.g. tricking a user
into opening a specially crafted file in an application using the
library.</desc>
+ </fsa>
}
_______________________________________________
Frugalware-darcs mailing list
Frugalware-darcs@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-darcs
