Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=adfdbe51c0b880fa778d6d60fcc4a79a0f6f3aff
commit adfdbe51c0b880fa778d6d60fcc4a79a0f6f3aff Author: Miklos Vajna <[EMAIL PROTECTED]> Date: Tue May 20 13:28:54 2008 +0200 FSA451-audacity diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 11f6b7a..ba1e536 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,17 @@ <fsas> <fsa> + <id>451</id> + <date>2008-05-20</date> + <package>audacity</package> + <vulnerable>1.3.3-2</vulnerable> + <unaffected>1.3.5-1kalgan1</unaffected> + <bts>http://bugs.frugalware.org/task/3080</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061</cve> + <desc>Viktor Griph has reported a security issue in Audacity, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to delete arbitrary files and directories. + The security issue is caused due to the "AudacityApp::OnInit()" method in src/AudacityApp.cpp handling temporary files in an insecure manner. This can be exploited to delete arbitrary files and directories via symlink attacks, or to cause a deadlock.</desc> + </fsa> + <fsa> <id>450</id> <date>2008-05-20</date> <package>pngcrush</package> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
