[ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:033
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ruby-gnome2
Date : February 1, 2008
Affected: 2007.1, 2008.0
_______________________________________________________________________
Problem Description:
A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions
before 20071127, allows context-dependent attackers to execute
arbitrary code via format string specifiers in the message parameter.
The updated packages have been patched to prevent this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6183
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
8d9b3509f96a3461738224c17c1bd27a
2007.1/i586/ruby-atk-0.16.0-2.1mdv2007.1.i586.rpm
3a072a39a5bfafbd69074186bfeba886
2007.1/i586/ruby-gconf2-0.16.0-2.1mdv2007.1.i586.rpm
8dc250b8d2dba8bbb528edb5bfb049b1
2007.1/i586/ruby-gdkpixbuf2-0.16.0-2.1mdv2007.1.i586.rpm
351217998c27dd3438296bf09bdb23c8
2007.1/i586/ruby-glib2-0.16.0-2.1mdv2007.1.i586.rpm
bd1f01c6cb835cce182d446811c1ebdb
2007.1/i586/ruby-gnome2-0.16.0-2.1mdv2007.1.i586.rpm
415b8f4ab7b6bf1917f33f1462322f75
2007.1/i586/ruby-gnome2-devel-0.16.0-2.1mdv2007.1.i586.rpm
8c2170d7ab383640b0e967fc7d57f294
2007.1/i586/ruby-gnomecanvas2-0.16.0-2.1mdv2007.1.i586.rpm
92172ccc8d65303cf93cfa41b5efff5e
2007.1/i586/ruby-gnomeprint2-0.16.0-2.1mdv2007.1.i586.rpm
2111cd9707313863766dd2c1b74e36f2
2007.1/i586/ruby-gnomeprintui2-0.16.0-2.1mdv2007.1.i586.rpm
edf0aab0f5a89b5e8e28246396815415
2007.1/i586/ruby-gnomevfs2-0.16.0-2.1mdv2007.1.i586.rpm
dc83948dfc0a1d7f416f3e42efbbfb43
2007.1/i586/ruby-gtk2-0.16.0-2.1mdv2007.1.i586.rpm
76091b3b0e477d3417bd718f69a69797
2007.1/i586/ruby-gtkglext-0.16.0-2.1mdv2007.1.i586.rpm
1190afad40daba0b01709adb8e2d2138
2007.1/i586/ruby-gtkhtml2-0.16.0-2.1mdv2007.1.i586.rpm
434e7bccc392ba94168d46118dbdeedc
2007.1/i586/ruby-gtkmozembed-0.16.0-2.1mdv2007.1.i586.rpm
98e15cc9bee4fff03ea0d91803158420
2007.1/i586/ruby-gtksourceview-0.16.0-2.1mdv2007.1.i586.rpm
33f73da45a85653a02ab3eee9d4f920a
2007.1/i586/ruby-libart2-0.16.0-2.1mdv2007.1.i586.rpm
756088dd657a3a49f214e40953343fcb
2007.1/i586/ruby-libglade2-0.16.0-2.1mdv2007.1.i586.rpm
9c758d58dcbbf5d2d06775c2bb371f04
2007.1/i586/ruby-panelapplet2-0.16.0-2.1mdv2007.1.i586.rpm
8a3778c105d24a9419423c213bd5b488
2007.1/i586/ruby-pango-0.16.0-2.1mdv2007.1.i586.rpm
822079051a8600a0f92c67eb81cca1ce
2007.1/i586/ruby-poppler-0.16.0-2.1mdv2007.1.i586.rpm
16a45b8fbe47d39ed6ab9f5036edfb4b
2007.1/i586/ruby-rsvg2-0.16.0-2.1mdv2007.1.i586.rpm
3447bb03c4c687245b804c6772ee23c0
2007.1/i586/ruby-vte-0.16.0-2.1mdv2007.1.i586.rpm
316fffbb8ae34ab33d1466e53162d9cb
2007.1/SRPMS/ruby-gnome2-0.16.0-2.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
6b0e32102841662bf5839873c9d73410
2007.1/x86_64/ruby-atk-0.16.0-2.1mdv2007.1.x86_64.rpm
60ac413ae03fe7089afe63eee87e1a8e
2007.1/x86_64/ruby-gconf2-0.16.0-2.1mdv2007.1.x86_64.rpm
8dec4401c84e50482e705f1529d1c762
2007.1/x86_64/ruby-gdkpixbuf2-0.16.0-2.1mdv2007.1.x86_64.rpm
5f34499daabdc2046e1abf77a958efe2
2007.1/x86_64/ruby-glib2-0.16.0-2.1mdv2007.1.x86_64.rpm
9f4b0565ee905d750084b3cb1739ee44
2007.1/x86_64/ruby-gnome2-0.16.0-2.1mdv2007.1.x86_64.rpm
8bdacb4c30a0831af066d9bbf6de0f37
2007.1/x86_64/ruby-gnome2-devel-0.16.0-2.1mdv2007.1.x86_64.rpm
096c7a4da1bdb5c92a13ec25d16ed123
2007.1/x86_64/ruby-gnomecanvas2-0.16.0-2.1mdv2007.1.x86_64.rpm
8cc4dcea3e798918d43a705dcb3cf715
2007.1/x86_64/ruby-gnomeprint2-0.16.0-2.1mdv2007.1.x86_64.rpm
bcf1a516343c192e1aa888bda84918c2
2007.1/x86_64/ruby-gnomeprintui2-0.16.0-2.1mdv2007.1.x86_64.rpm
e0f2ac6e61c0f49cf0cea241542db6af
2007.1/x86_64/ruby-gnomevfs2-0.16.0-2.1mdv2007.1.x86_64.rpm
413453661c97ffef74a7cd002d68ef8c
2007.1/x86_64/ruby-gtk2-0.16.0-2.1mdv2007.1.x86_64.rpm
91b5a56fecf908eb741ae906b9a5fd53
2007.1/x86_64/ruby-gtkglext-0.16.0-2.1mdv2007.1.x86_64.rpm
eca80921ff0260244a5d9419b9f44a77
2007.1/x86_64/ruby-gtkhtml2-0.16.0-2.1mdv2007.1.x86_64.rpm
053fb91f3e23642527ff49ad662b52bc
2007.1/x86_64/ruby-gtkmozembed-0.16.0-2.1mdv2007.1.x86_64.rpm
2678231063f53e22127e05e5fbfd276f
2007.1/x86_64/ruby-gtksourceview-0.16.0-2.1mdv2007.1.x86_64.rpm
9feab2c5af54a7f44e2163b82d64032e
2007.1/x86_64/ruby-libart2-0.16.0-2.1mdv2007.1.x86_64.rpm
5364298efb07553a27555160db0dd249
2007.1/x86_64/ruby-libglade2-0.16.0-2.1mdv2007.1.x86_64.rpm
eb7d1481852b3538dd0e9c4c0fa10b0c
2007.1/x86_64/ruby-panelapplet2-0.16.0-2.1mdv2007.1.x86_64.rpm
140949b575299e5a0db4c779872e843b
2007.1/x86_64/ruby-pango-0.16.0-2.1mdv2007.1.x86_64.rpm
e4d0011c09d27226108b5ded5736c668
2007.1/x86_64/ruby-poppler-0.16.0-2.1mdv2007.1.x86_64.rpm
e22ad59b1ddb3da7365a5bfe5fab05c3
2007.1/x86_64/ruby-rsvg2-0.16.0-2.1mdv2007.1.x86_64.rpm
cd0596a1c344e2b7fd4f77fddbd1350c
2007.1/x86_64/ruby-vte-0.16.0-2.1mdv2007.1.x86_64.rpm
316fffbb8ae34ab33d1466e53162d9cb
2007.1/SRPMS/ruby-gnome2-0.16.0-2.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
8307750bd147672c60eea024629b3f2f
2008.0/i586/ruby-atk-0.16.0-3.1mdv2008.0.i586.rpm
4ede1f2646c69713f70e31cc12412fb1
2008.0/i586/ruby-gconf2-0.16.0-3.1mdv2008.0.i586.rpm
49da66f60cabd54e56fd6c5b1785689f
2008.0/i586/ruby-gdkpixbuf2-0.16.0-3.1mdv2008.0.i586.rpm
59a96dc934dfe93152ec491ad626183a
2008.0/i586/ruby-glib2-0.16.0-3.1mdv2008.0.i586.rpm
88dd3349f5d87eb514473d7d7ff04393
2008.0/i586/ruby-gnome2-0.16.0-3.1mdv2008.0.i586.rpm
6f61c8b4630791f6a2385cd64898f3d9
2008.0/i586/ruby-gnome2-devel-0.16.0-3.1mdv2008.0.i586.rpm
53ad3fcf39a69b734354c3869edc43c6
2008.0/i586/ruby-gnomecanvas2-0.16.0-3.1mdv2008.0.i586.rpm
56e31a8e492e5ed4cd62309addf3b393
2008.0/i586/ruby-gnomeprint2-0.16.0-3.1mdv2008.0.i586.rpm
8cf2869ae0851f923656de566a8d7d10
2008.0/i586/ruby-gnomeprintui2-0.16.0-3.1mdv2008.0.i586.rpm
78117f7fc39b38fc2493876f9ed9258e
2008.0/i586/ruby-gnomevfs2-0.16.0-3.1mdv2008.0.i586.rpm
edeabe7eef8a91a66654314dc116a67a
2008.0/i586/ruby-gtk2-0.16.0-3.1mdv2008.0.i586.rpm
8bea81137fae5d017bda7b5643f977df
2008.0/i586/ruby-gtkglext-0.16.0-3.1mdv2008.0.i586.rpm
f1733e1ce8b042a7a653015a71765f17
2008.0/i586/ruby-gtkhtml2-0.16.0-3.1mdv2008.0.i586.rpm
02e73422c69226f0b8365ccd1434630f
2008.0/i586/ruby-gtkmozembed-0.16.0-3.1mdv2008.0.i586.rpm
f41c6f51ada9ab5c662edd5e86fdc3fc
2008.0/i586/ruby-gtksourceview-0.16.0-3.1mdv2008.0.i586.rpm
412809b7df4bf120821d847acf784f31
2008.0/i586/ruby-libart2-0.16.0-3.1mdv2008.0.i586.rpm
d790e25de85766d985a00e3296ababbc
2008.0/i586/ruby-libglade2-0.16.0-3.1mdv2008.0.i586.rpm
9b4b2cd7a0fe9ccc71c23fe79696316c
2008.0/i586/ruby-panelapplet2-0.16.0-3.1mdv2008.0.i586.rpm
62847d04d24d38a3f524ce2d4750e92e
2008.0/i586/ruby-pango-0.16.0-3.1mdv2008.0.i586.rpm
568d13371026bd18b7a7de8e5a1b6790
2008.0/i586/ruby-poppler-0.16.0-3.1mdv2008.0.i586.rpm
9b7bb617c47787c1768ce6e41dfff985
2008.0/i586/ruby-rsvg2-0.16.0-3.1mdv2008.0.i586.rpm
70bb27ffb7ee95fec71c84408210adce
2008.0/i586/ruby-vte-0.16.0-3.1mdv2008.0.i586.rpm
0df7cde4331837fb6862c9b5a97be8f5
2008.0/SRPMS/ruby-gnome2-0.16.0-3.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
f994bb06d1aeea684703e4632dc83514
2008.0/x86_64/ruby-atk-0.16.0-3.1mdv2008.0.x86_64.rpm
aa09b9d481302f67ceb70212331a404d
2008.0/x86_64/ruby-gconf2-0.16.0-3.1mdv2008.0.x86_64.rpm
e2095aad322140ca87c2abaa36383bf6
2008.0/x86_64/ruby-gdkpixbuf2-0.16.0-3.1mdv2008.0.x86_64.rpm
8599aa977cce023e95e3d4013081bd46
2008.0/x86_64/ruby-glib2-0.16.0-3.1mdv2008.0.x86_64.rpm
e842e5a9cd8f4ddf65adc3ca537a23e2
2008.0/x86_64/ruby-gnome2-0.16.0-3.1mdv2008.0.x86_64.rpm
7df090f82bc32da5d71e5b1a01a936da
2008.0/x86_64/ruby-gnome2-devel-0.16.0-3.1mdv2008.0.x86_64.rpm
e009fc40831dcb1266168475e3f7a7ce
2008.0/x86_64/ruby-gnomecanvas2-0.16.0-3.1mdv2008.0.x86_64.rpm
dbcf26f9d25b208cda61be393420249a
2008.0/x86_64/ruby-gnomeprint2-0.16.0-3.1mdv2008.0.x86_64.rpm
39b325ee6548bdace767db805bf2c8b2
2008.0/x86_64/ruby-gnomeprintui2-0.16.0-3.1mdv2008.0.x86_64.rpm
7071eb94ac3c55e18d70519e6c8eca86
2008.0/x86_64/ruby-gnomevfs2-0.16.0-3.1mdv2008.0.x86_64.rpm
e2804b2ea0e09a9ceb10a301b588dc16
2008.0/x86_64/ruby-gtk2-0.16.0-3.1mdv2008.0.x86_64.rpm
9de7b27a7af2a97858712ecc85556c23
2008.0/x86_64/ruby-gtkglext-0.16.0-3.1mdv2008.0.x86_64.rpm
707ef739d27ff5e0dac19ddb1ef6eb0c
2008.0/x86_64/ruby-gtkhtml2-0.16.0-3.1mdv2008.0.x86_64.rpm
8a93344a6ce2757ef2a9c69f80ab38cc
2008.0/x86_64/ruby-gtkmozembed-0.16.0-3.1mdv2008.0.x86_64.rpm
0d56132f28b59eb54e915d215934d668
2008.0/x86_64/ruby-gtksourceview-0.16.0-3.1mdv2008.0.x86_64.rpm
0757a4b6ecf07630d45e508cd623f562
2008.0/x86_64/ruby-libart2-0.16.0-3.1mdv2008.0.x86_64.rpm
a959f2d58f667ab56874fe974cbdb38a
2008.0/x86_64/ruby-libglade2-0.16.0-3.1mdv2008.0.x86_64.rpm
93dff79288e4e248f7ff42d9574dcb6b
2008.0/x86_64/ruby-panelapplet2-0.16.0-3.1mdv2008.0.x86_64.rpm
ab701b2b9942d6834bef8f6e4723a27b
2008.0/x86_64/ruby-pango-0.16.0-3.1mdv2008.0.x86_64.rpm
17580801211d70f93579bfa6b36f10d8
2008.0/x86_64/ruby-poppler-0.16.0-3.1mdv2008.0.x86_64.rpm
21e8b9751a77135296f537e33006bc5a
2008.0/x86_64/ruby-rsvg2-0.16.0-3.1mdv2008.0.x86_64.rpm
91f4b51df125d5c184a2272cb2561d3c
2008.0/x86_64/ruby-vte-0.16.0-3.1mdv2008.0.x86_64.rpm
0df7cde4331837fb6862c9b5a97be8f5
2008.0/SRPMS/ruby-gnome2-0.16.0-3.1mdv2008.0.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHo38WmqjQ0CJFipgRAuQ1AJkB4lvv5eqDT1xFB+zuFDSNT5dicwCfX5fT
tvrLJzPSQ/JsXO2WAEf6QSY=
=D1lc
-----END PGP SIGNATURE-----