Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=4cf5bd02a6cbc40df2e391e41e25815bc00a681c
commit 4cf5bd02a6cbc40df2e391e41e25815bc00a681c Author: voroskoi <[EMAIL PROTECTED]> Date: Wed Jan 23 20:59:30 2008 +0100 FSA360-ruby-gnome2 diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index b7ae5de..7c062ba 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -27,6 +27,19 @@ <fsas> <fsa> + <id>360</id> + <date>2008-01-23</date> + <author>voroskoi</author> + <package>ruby-gnome2</package> + <vulnerable>0.16.0-3</vulnerable> + <unaffected>0.16.0-4sayshell1</unaffected> + <bts>http://bugs.frugalware.org/task/2650</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6183</cve> + <desc>Chris Rohlf has reported a vulnerability in Ruby-GNOME2, which can potentially be exploited by malicious people to compromise an application using the library. + The vulnerability is caused due to a format string error within the "Gtk::MessageDialog.new()" method in gtk/src/rbgtkmessagedialog.c and can potentially be exploited to execute arbitrary code when a specially crafted string is passed to the affected function. + NOTE: Exploitation and impact of this vulnerability depend on how an application uses the affected function of the vulnerable library.</desc> + </fsa> + <fsa> <id>359</id> <date>2008-01-21</date> <author>voroskoi</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
