Joined: 12 May 2004
|Posted: Sat Jun 11, 2005 6:34 pm Post subject: [ GLSA 200506-09 ] gedit: Format string vulnerability
|Gentoo Linux Security Advisory
Title: gedit: Format string vulnerability (GLSA 200506-09)
Date: June 11, 2005
Updated: May 22, 2006
gedit suffers from a format string vulnerability that could allow arbitrary code execution.
gedit is the official text editor of the GNOME desktop environement.
Vulnerable: < 2.10.3
Unaffected: >= 2.10.3
Architectures: All supported architectures
A format string vulnerability exists when opening files with names containing format specifiers.
A specially crafted file with format specifiers in the filename can cause arbitrary code execution.
There are no known workarounds at this time.
All gedit users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/gedit-2.10.3"
BugTraq ID 13699
gedit 10.3 Release Notes
Last edited by GLSA on Mon May 22, 2006 4:19 am; edited 2 times in total