Sponsored link
Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.
| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
rPath alert rPSA-2008-0015-1 (cairo)
| From: | rPath Update Announcements <announce-noreply@rpath.com> | |
| To: | security-announce@lists.rpath.com, update-announce@lists.rpath.com | |
| Subject: | rPSA-2008-0015-1 cairo | |
| Date: | Tue, 15 Jan 2008 17:52:53 -0500 | |
| Message-ID: | <478d3945.4VSGRUcRkHBKZtGT%announce-noreply@rpath.com> | |
| Cc: | full-disclosure@lists.grok.org.uk, vulnwatch@vulnwatch.org, bugtraq@securityfocus.com, lwn@lwn.net |
rPath Security Advisory: 2008-0015-1 Published: 2008-01-15 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: cairo=conary.rpath.com@rpl:1/1.0.2-1.4-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-1966 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 Description: Previous versions of the cairo package contain multiple integer overflows that may allow indirect attackers who provide maliciously crafted PNG images to execute arbitrary code in applications that use the cairo library. http://wiki.rpath.com/Advisories:rPSA-2008-0015 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
(Log in to post comments)