Summary: | app-text/acroread vulnerability in acroread | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | bin-doph <bauer> |
Component: | GLSA Errors | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | schaedpq |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://idefense.com/application/poi/display?id=125&type=vulnerabilities&flashstatus=true | ||
Whiteboard: | B2 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
bin-doph
2004-08-13 03:09:45 UTC
I've now marked 5.09 stable on x86, security team: please vote on a GLSA. The README has this to say: == New for Acrobat Reader 5.0.9 A security patch was applied that solves a couple of problems reported with malformed uuencoded pdf files. == So < 5.09 should be vulnerable. One of the bugs fixed in 5.09 seems to be this one: Shell Metacharacter Code Execution Vulnerability <http://idefense.com/application/poi/display?id=124&type=vulnerabilities> Might be a good idea to include that vulnerability in the GLSA. I vote for a GLSA on this one and have drafted one already. Security please review or vote nay to GLSA. Thx Dominik GLSA 200408-14 |