Joined: 12 May 2004
|Posted: Mon Mar 26, 2018 6:26 pm Post subject: [ glsa 201803-13 ] plib
|Gentoo Linux Security Advisory
Title: PLIB: User-assisted execution of arbitrary code (GLSA 201803-13)
A vulnerability in PLIB may allow remote attackers to execute
PLIB includes sound effects, music, a complete 3D engine, font
rendering, a simple Windowing library, a game scripting language, a GUI,
networking, 3D math library and a collection of handy utility functions.
Vulnerable: < 1.8.5-r1
Unaffected: >= 1.8.5-r1
Architectures: All supported architectures
A stack-based buffer overflow within the error function of
ssg/ssgParser.cxx was discovered in PLIB.
A remote attacker, by enticing a user to open a specially crafted 3d
model file, could possibly execute arbitrary code with the privileges of
There is no known workaround at this time.
All PLIB users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/plib-1.8.5-r1"