File: [cvs.NetBSD.org] / pkgsrc / graphics / dia / Makefile (download)
Revision 1.42, Tue Apr 4 14:52:15 2006 UTC (18 years ago) by salo
Branch: MAIN
Changes since 1.41: +2 -2
lines
Security fix for CVE-2006-1550:
"Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87
and later before 0.95-pre6 allow user-complicit attackers to have an unknown
impact via a crafted xfig file, possibly involving an invalid (1) color index,
(2) number of points, or (3) depth."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550
http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html
Fix from Dia CVS.
|