| Summary: | app-office/abiword includes vulnerable libwmf? (CVE-2006-3376) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | VERIFIED INVALID | ||
| Severity: | normal | CC: | gnome-office+disabled |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | B2 [ebuild?] frilled | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-08-02 08:42:18 UTC
Calling in gnome-office. Could you please check whether the affected code is in the package (see mentioned bug)? I looked into it myself, and my understanding is that there's some wrapper code that handles an external libwmf if configured to do so. In my eyes this one can be closed unless auditing or anybody else says otherwise. There is some obscure version checking though, so it might break after a libwmf update, but then again we'd see another bug filed :] Invalidating. Feel free to reopen on sudden insights. closed. |