|
Family: Debian Local Security Checks --> Category: infos
[DSA916] DSA-916-1 inkscape Vulnerability Scan
Vulnerability Scan Summary DSA-916-1 inkscape
Detailed Explanation for this Vulnerability Test
Several vulnerabilities have been discovered in Inkscape, a
vector-based drawing program. The Common Vulnerabilities and
Exposures project identifies the following problems:
Joxean Koret discovered a buffer overflow in the SVG parsing
routines that can lead to the execution of arbitrary code.
Javier Fernández-Sanguino Peña noticed that the ps2epsi extension
shell script uses a hardcoded temporary file making it vulnerable
to symlink attacks.
The old stable distribution (woody) does not contain inkscape packages.
For the stable distribution (sarge) this problem has been fixed in
version 0.41-4.99.sarge2.
For the unstable distribution (sid) this problem has been fixed in
version 0.42.2+0.43pre1-1.
We recommend that you upgrade your inkscape package.
Solution : http://www.debian.org/security/2005/dsa-916
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|