An untrusted directory search path vulnerability was found in the way Inkscape, a vector graphics editor, using the W3C standard Scalable Vector Graphics (SVG) file format, loaded EPS (Encapsulated PostScript) files. A local attacker could use this flaw to execute arbitrary PostScript code with the privileges of the user running the inkscape executable. References: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341 [2] https://bugs.launchpad.net/inkscape/+bug/911146 [3] http://www.openwall.com/lists/oss-security/2012/12/29/5 [4] http://www.openwall.com/lists/oss-security/2012/12/30/2 [5] https://bugzilla.novell.com/show_bug.cgi?id=796306 Relevant patch: [6] http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=47;filename=0005-Add-patch-to-fix-upstream-vulnerability-LP-911146.patch;att=5;bug=654341 [7] https://bugs.launchpad.net/inkscape/+bug/911146/comments/2 (but see also subsequent comments wrt to the patch regression)
This issue affects the version of the inkscape package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the inkscape package, as shipped with Fedora release of 16 and 17. Please schedule an update. -- This issue affects the version of the inkscape package, as shipped with Fedora EPEL 5. Please schedule an update.
Created inkscape tracking bugs for this issue Affects: fedora-all [bug 891335] Affects: epel-5 [bug 891336]
My reading of 911146 is that 0.48.4 is not affected, which would cover all of Fedora. I'll look at a patch for 0.46 for EL-5.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2012-6076