109993 2005-10-20 23:36 0000 media-gfx/inkscape security updates available 2005-11-28 02:20:30 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.inkscape.org/ B2 [glsa] jaervosz P2 normal --- 1 neil@darlow.co.uk security@gentoo.org graphics@gentoo.org neil@darlow.co.uk 2005-10-20 23:36:11 0000 To quote the Inkscape site announcement: October 9, 2005 Mentalguy has released new point releases of the past two versions of Inkscape to correct two issues with arbitrary code execution when opening malicious files. There are no known exploits for this issue, but if you use Inkscape on a production machine in a manner that invokes files from arbitrary sources, you may wish to upgrade. Reproducible: Always Steps to Reproduce: 1. 2. 3. jakub@gentoo.org 2005-11-19 14:59:36 0000 Security, any word on this? jaervosz@gentoo.org 2005-11-20 00:01:48 0000 Graphics please provide an updated ebuild. sekretarz@gentoo.org 2005-11-22 07:19:46 0000 Bumped in portage jaervosz@gentoo.org 2005-11-22 09:03:28 0000 Arches please test and mark stable. corsair@gentoo.org 2005-11-22 10:31:54 0000 stable on ppc64 blubb@gentoo.org 2005-11-22 11:20:11 0000 amd64 keywording happy hour: get two keywords for the price of one! chriswhite@gentoo.org 2005-11-22 12:19:39 0000 x86 stable. This program is addictive. gustavoz@gentoo.org 2005-11-22 12:31:57 0000 sparc stable. josejx@gentoo.org 2005-11-27 11:53:49 0000 Marked ppc stable. koon@gentoo.org 2005-11-28 02:20:30 0000 Thx everyone GLSA 200511-22