aru Posted April 4, 2006 Report Share Posted April 4, 2006 Mandriva Advisories MDKSA-2006:062 : dia Updated dia packages fix buffer overflow vulnerabilities April 3rd, 2006 Three buffer overflows were discovered by infamous41md in dia's xfig import code.This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:062 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 http://mail.gnome.org/archives/dia-list/20...h/msg00149.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts