-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200210-012
- -
PACKAGE : sharutils
SUMMARY : inadequate checks on
Clark Mills [EMAIL PROTECTED] writes:
http://c-mills.ctru.auckland.ac.nz/transparent.png
If you view this image from Linux in Galeon 1.2.6 or Netscape/7.0
all looks fine however if you print the image from within these
applications then the _erased_ section prints as if it was never
The website still offers 6.0.7 (vulnerable) version for download,
So apparently no workaround exists except for shutting it down until
the patch or newer version is available.
I got this in response to my enquiry with AltN about a fix for the problem:
This has been fixed in 6.5 which will be
Gregory Steuck wrote,
Gregory Steuck security advisory #1, 2002
Excellent stuff ... I've posted a link to the bugtraq archive to
xml-dev.
Acknowledgments:
Even though the issue was discovered and researched independently I
cannot claim to be the first one to realize the risks associated
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 184-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 30th, 2002
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200210-013
- -
PACKAGE : pam_ldap
SUMMARY : format string attack
DATE
