Hi
I have asked if this warrants a CVE and if one can be assigned. If so
I will then update it here. Here is the temporary entry in the
security-tracker:
https://security-tracker.debian.org/tracker/TEMP-0654341-9198B9
p.s.: A user might be tricked also to save the open file and loose data,
Hi,
I have just uploaded inkscape 0.48.3.1-1.3 which includes a patch by
Michael Karcher to address this issue.
We have thoroughly tested the patch and the bug is now
fixed. Further checks show that the patch doesn't have any negative
impact on other areas of the script engine.
The patch makes
Control: retitle -1 [CVE-2012-6076] inkscape reads .eps files from /tmp instead
of the current directory
Control: retitle 696915 unblock: inkscape/0.48.3.1-1.3
Hi
On Sat, Dec 29, 2012 at 09:48:42PM +0100, John Paul Adrian Glaubitz wrote:
Hi,
I have just uploaded inkscape 0.48.3.1-1.3 which
On Thu, 12 Jan 2012 at 19:22:11 +, Alex Valavanis wrote:
Actually, the link is OK, but the upstream report is set as private
because this is a security issue.
Given that it's public in the Debian BTS, there's little point in having
the Launchpad bug private (unless the Launchpad bug reveals
Hi,
Yes - I actually made it public a while ago, following the same rationale.
Cheers,
AV
On 4 March 2012 14:55, Simon McVittie s...@debian.org wrote:
On Thu, 12 Jan 2012 at 19:22:11 +, Alex Valavanis wrote:
Actually, the link is OK, but the upstream report is set as private
because
Oops... at least I thought I had!
I've changed it now.
Cheers,
AV
On 4 March 2012 16:10, Alex Valavanis valavanisa...@gmail.com wrote:
Hi,
Yes - I actually made it public a while ago, following the same rationale.
Cheers,
AV
On 4 March 2012 14:55, Simon McVittie s...@debian.org
Hi there,
FYI, the link for the upstream bug is broken. I tried to find out the
correct bug report upstream, but I couldn't find it.
Best regards,
--
Marcos Marado
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Hi Marcos,
Actually, the link is OK, but the upstream report is set as private
because this is a security issue. If you or anyone else would like to
have access to the report, please let me know your launchpad user ID
and I will subscribe you.
Thanks,
Alex
On 12 January 2012 19:15, Marcos
On Thursday 12 January 2012 19:22:11 Alex Valavanis wrote:
Hi Marcos,
Actually, the link is OK, but the upstream report is set as private
because this is a security issue.
Oh, OK, thanks for the reply.
If you or anyone else would like to
have access to the report, please let me know your
Package: inkscape
Version: 0.48.1-2.1+b1
Severity: grave
Tags: security
Justification: user security hole
When I want to open a .eps file with something like
inkscape file.eps
inkscape tries to open the file from /tmp instead of the current
directory (if the file doesn't exist, I get a
10 matches
Mail list logo
