Bug#496851: yelp: does not correctly handle format strings for certain error messages
Michael Gilbert
michael.s.gilbert at gmail.com
Thu Aug 28 00:18:36 UTC 2008
notfound 496851 2.22-1-6
thank you
what about a getting a fix for this issue into stable?
> yelp (2.22.1-4) unstable; urgency=high
>
> * SECURITY: New patch, 60_format-string, fixes format string vulnerability;
> bump urgency to high; CVE-2008-3533; GNOME #546364; from SVN r3173;
> LP: #254860.
>
>> Package: yelp
>> Version: 2.22.1-6
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> yelp is vulnerable to attacks via badly formatted strings for certain error
>> messages. ubuntu recently released a fix for this problem [1]. the issue
>> is described as:
>>
>> Aaron Grattafiori discovered that the Gnome Help Viewer did not handle
>> format strings correctly when displaying certain error messages. If a
>> user were tricked into opening a specially crafted URI, a remote attacker
>> could execute arbitrary code with user privileges.
>>
>> this may or may not be related to CVE-2008-3533 [2]. this should be
>> considered a high-urgency vulnerability since it allows remote attackers
>> to exectute arbitrary code.
>>
>> thank you for the hard work.
>>
>> [1] http://www.ubuntu.com/usn/usn-638-1
>> [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533
More information about the pkg-gnome-maintainers
mailing list