Package: ruby-gnome2
Version: 0.12.0-2
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for ruby-gnome2.

CVE-2007-6183[0]:
| Format string vulnerability in the mdiag_initialize function in
| gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN
| versions before 20071127, allows context-dependent attackers to execute
| arbitrary code via format string specifiers in the message parameter.

Until now this seems to be reserved; in the meantime check:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183 instead of the mitre site.
A patch for this can be found on:
http://ruby-gnome2.svn.sourceforge.net/viewvc/ruby-gnome2/ruby-gnome2/trunk/gtk/src/rbgtkmessagedialog.c?r1=2275&r2=2720&view=patch

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6183

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
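
An added example, not part of the original mail or of the Ruby-GNOME2 source: the bug class the CVE text describes (caller-supplied message text used as a printf-style format) next to the usual hardened form with a constant "%s" format. `dialog_new`, `show_unsafe`, `show_safe` and `count_conversions` are hypothetical names, and the sample strings are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style dialog constructor
 * (GTK's gtk_message_dialog_new() takes a message_format of this kind). */
static void dialog_new(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Vulnerable pattern: the message itself is interpreted as the format. */
void show_unsafe(char *out, size_t n, const char *message)
{
    dialog_new(out, n, message);
}

/* Hardened pattern: constant format, message passed only as data. */
void show_safe(char *out, size_t n, const char *message)
{
    dialog_new(out, n, "%s", message ? message : "");
}

/* Review aid: number of conversion specifiers a string would trigger
 * if it reached a format parameter ("%%" is a literal percent sign). */
int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') s++;
        else n++;
    }
    return n;
}

int main(void)
{
    char a[64], b[64];
    const char *msg = "50%% done";   /* constructed input, no arguments consumed */
    show_unsafe(a, sizeof a, msg);   /* text is rewritten by the formatter */
    show_safe(b, sizeof b, msg);     /* text is shown verbatim */
    printf("unsafe: [%s]\nsafe:   [%s]\n", a, b);
    return 0;
}
```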
