Bug#330890: [Pkg-dia-team] Bug#330890: dia: Arbitrary code
execution when importing a .svg file
Roland Stigge
stigge at antcom.de
Fri Sep 30 19:23:23 UTC 2005
tag 330890 security
tag 330890 upstream
forwarded 330890 http://bugzilla.gnome.org/show_bug.cgi?id=317637
# woody:
notfound 330890 0.88.1-3
# sarge:
found 330890 0.94.0-7
# testing/unstable:
found 330890 0.94.0-14
# experimental
found 330890 0.94.0+CVS20050917-2
thanks
Hi,
thanks for reporting this issue.
Joxean Koret wrote:
> The script diasvg_import.py that comes with the current Debian stable
> version of Dia is vulnerable to an arbitrary code execution.
>
> I tried to contact with the Dia team too many times but without any look
> so, I think, there is no patch at the moment for the issues.
I couldn't find your comment on the upstream mailing list or in a GNOME
mozilla bug.
> Attached goes a working exploit to test the vulnerability.
Attached goes a fix that directly applies to the stable, testing and
unstable versions of dia in Debian (the respective code doesn't appear
in woody). Tested. Will coordinate with debian-security before uploading
to make fixes to stable and unstable consistent.
bye,
Roland
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dia.patch
Type: text/x-patch
Size: 1940 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20050930/4e5512ed/dia.bin
More information about the Pkg-gnome-maintainers
mailing list