
Bug 171799

Summary: media-gfx/inkscape < 0.45.1 format string vulnerability (CVE-2007-146{3|4})
Product: Gentoo Security
Component: Vulnerabilities
Reporter: Pierre-Yves Rofes (RETIRED) <py>
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
Priority: High
CC: amne, betelgeuse, graphics+disabled, lars, rockoo, zypher
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/24615/
Whiteboard: B2 [glsa] p-y
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 154898, 160013, 162237

Description Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-03-22 14:02:23 UTC
Some vulnerabilities have been reported in Inkscape, which
potentially can be exploited by malicious people to compromise a
user's system.

1) A format string error exists in certain dialogs. This can be
exploited to execute arbitrary code by tricking the user into opening
a specially crafted URI containing format string specifiers.

2) A format string error exists in the Whiteboard Jabber client,
which potentially can be exploited to execute arbitrary code.

Successful exploitation requires that the user is logged in to a
Jabber server.

The vulnerabilities are reported in versions prior to 0.45.1.

SOLUTION:
Update to version 0.45.1.

PROVIDED AND/OR DISCOVERED BY:
Kees Cook
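
Added example, not part of the original report and not Inkscape's code: the bug class named in the description above (an untrusted URI used as the printf-style format of a dialog message) next to the hardened call. The helper names `dialog_printf`, `show_open_error` and `count_format_specifiers` are hypothetical, and the sample URI is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style dialog helper (not Inkscape's
 * code). The attribute lets GCC/Clang -Wformat-security flag callers that
 * pass a non-literal format with no arguments. */
__attribute__((format(printf, 3, 4)))
static int dialog_printf(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Vulnerable pattern, shown only as a comment and never executed:
 *     dialog_printf(out, n, uri);
 * The untrusted URI becomes the format, so %x, %s or %n inside it are
 * interpreted against arguments that were never passed. */

/* Hardened pattern: constant format, untrusted URI passed as data. */
int show_open_error(char *out, size_t n, const char *uri)
{
    return dialog_printf(out, n, "Could not open %s", uri);
}

/* Coarse triage aid: count '%' sequences printf would treat as the start
 * of a conversion. "%%" is a literal percent sign and is skipped. */
int count_format_specifiers(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0')
            count++;
    }
    return count;
}

int main(void)
{
    const char *uri = "file:///tmp/a%x%x%n.svg"; /* constructed sample */
    char msg[128];
    show_open_error(msg, sizeof msg, uri);
    printf("%s (specifiers in URI: %d)\n", msg, count_format_specifiers(uri));
}
```

With the hardened call the specifiers in the URI appear verbatim in the message; the counter also matches URL percent-encoding such as `%20`, so it is a review aid rather than a filter.
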
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-25 06:27:21 UTC
graphics please advise and patch as necessary.
Comment 2 Petteri Räty (RETIRED) gentoo-dev 2007-04-07 13:53:49 UTC
*** Bug 165715 has been marked as a duplicate of this bug. ***
Comment 3 Petteri Räty (RETIRED) gentoo-dev 2007-04-07 14:06:41 UTC
(In reply to comment #1)
> graphics please advise and patch as necessary.
> 

0.45.1 added to the tree. Arches please test and mark stable. Requires a newer pstoedit stable too as users weren't able to import postscript files with earlier versions:

betelgeuse@pena /usr/portage/media-gfx/inkscape $ adjutrix -w x86 =media-gfx/inkscape-0.45.1
Package                       Version             Current Keywords  Masks
============================= =================== ================= =========
media-gfx/pstoedit            3.44                ~x86
media-gfx/inkscape            0.45.1              ~x86
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2007-04-07 16:56:33 UTC
x86 stable
Comment 5 Markus Rothe (RETIRED) gentoo-dev 2007-04-08 10:46:39 UTC
ppc64 stable
Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev 2007-04-08 12:04:21 UTC
ppc stable
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2007-04-09 04:05:11 UTC
Stable for HPPA.
Comment 8 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-04-09 11:56:01 UTC
updating status.
Comment 9 Gustavo Zacarias (RETIRED) gentoo-dev 2007-04-09 12:26:23 UTC
sparc stable.
Comment 10 Marcus D. Hanwell (RETIRED) gentoo-dev 2007-04-09 19:38:58 UTC
Stable on amd64.
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-04-09 19:57:52 UTC
thanks arches, GLSA in progress...
Comment 12 Matthias Geerdsen (RETIRED) gentoo-dev 2007-04-16 14:48:10 UTC
GLSA 200704-10

thanks everyone
Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-04-16 16:35:14 UTC
*** Bug 174815 has been marked as a duplicate of this bug. ***