subject:"Bug#330890\: dia\: Arbitrary code execution when importing a .svg file"

Bug#330890: [Pkg-dia-team] Bug#330890: dia: Arbitrary code execution when importing a .svg file

2005-09-30 Thread Roland Stigge

tag 330890 security tag 330890 upstream forwarded 330890 http://bugzilla.gnome.org/show_bug.cgi?id=317637 # woody: notfound 330890 0.88.1-3 # sarge: found 330890 0.94.0-7 # testing/unstable: found 330890 0.94.0-14 # experimental found 330890 0.94.0+CVS20050917-2 thanks Hi, thanks for reporting th

Bug#330890: dia: Arbitrary code execution when importing a .svg file

2005-09-30 Thread Joxean Koret

Subject: dia: Arbitrary code execution when importing a .svg file Package: dia Severity: grave Justification: user security hole The script diasvg_import.py that comes with the current Debian stable version of Dia is vulnerable to an arbitrary code execution. I tried to contact with the Dia team