Up to [cvs.NetBSD.org] / pkgsrc / graphics / libwmf
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: pkgsrc-2006Q3
Revision 1.60 / (download) - annotate - [select for diffs], Sun Aug 20 21:38:45 2006 UTC (17 years, 8 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.59: +2 -2
lines
Diff to previous 1.59 (colored)
Security fix for CVE-2006-3376: "A vulnerability in libwmf can be potentially exploited by malicious people to compromise an application using the vulnerable library. The vulnerability is caused due to an integer overflow error when allocating memory based on a value taken directly from a WMF file without performing any checks. This can be exploited to cause a heap-based buffer overflow when a specially crafted WMF file is processed. Successful exploitation may allow execution of arbitrary code." http://secunia.com/advisories/20921/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 Patch from Red Hat. Bump PKGREVISION.