Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 183299

Summary: app-office/dia < 0.96.1-6 Freetype font parsing vulnerabilities (CVE-2007-1351, CVE-2007-2754)
Product: Gentoo Security Reporter: Pierre-Yves Rofes (RETIRED) <py>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: minor CC: gnome-office+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/25810/
Whiteboard: B3 [] p-y
Package list:
Runtime testing required: ---

Description Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-06-26 18:15:36 UTC 
Two vulnerabilities have been acknowledged in Dia, which potentially can be exploited by malicious people to compromise a user's system.
solution: update to version 0.96.1-6
Comment 1 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-06-26 18:16:32 UTC 
Setting status and cc'ing herd. gnome-office, please advise and bump as necessary.
Comment 2 Lubomir Rintel 2007-06-27 20:31:10 UTC 
Please close. This is specific to Windows binary build linked against vulnerable Freetype.
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-06-28 04:46:43 UTC 
Thx for the pointer Lubomir.