Bug 192699 - CVE-2006-2480 Dia format string issue (CVE-2006-2453)
CVE-2006-2480 Dia format string issue (CVE-2006-2453)
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: dia (Show other bugs)
4
All Linux
medium Severity medium
: ---
: ---
Assigned To: Caolan McNamara
source=vendor-sec,impact=moderate,rep...
: Security
: 192538 (view as bug list)
Depends On:
Blocks: 190942
  Show dependency treegraph
 
Reported: 2006-05-22 14:04 EDT by Josh Bressers
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 0.94-16.fc4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-25 03:35:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
GNOME Desktop 342111 None None None Never

  None (edit)
Description Josh Bressers 2006-05-22 14:04:07 EDT
Dia format string issue

Dia has a format string vulnerability in the way it displays error
messages.  It is possible for a user to create a maliciou dia file
which could

http://marc.theaimsgroup.com/?l=vuln-dev&m=114713874920770&w=2

Thre is a fix in the upstream bug:
http://bugzilla.gnome.org/show_bug.cgi?id=342111
Comment 1 Caolan McNamara 2006-05-23 03:46:33 EDT
*** Bug 192538 has been marked as a duplicate of this bug. ***
Comment 2 Josh Bressers 2006-05-23 08:00:03 EDT
A number of additional format string issues were discovered by Hans de Goede and
has been assigned the CVE id CVE-2006-2453.

The fix is attachment 129852 [details]
Comment 3 Caolan McNamara 2006-05-23 11:03:28 EDT
*grumble*, backported 0.95 patch to 0.94. Pushing...
Comment 4 Caolan McNamara 2006-05-23 14:55:21 EDT
updated with new bits, re-pushing
Comment 5 Fedora Update System 2006-05-24 19:24:06 EDT
dia-0.94-16.fc4 has been pushed for fc4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.