<<< Date Index >>>     <<< Thread Index >>>

[ MDVSA-2008:033 ] - Updated ruby-gnome2 packages fix arbitrary code execution vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:033
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ruby-gnome2
 Date    : February 1, 2008
 Affected: 2007.1, 2008.0
 _______________________________________________________________________
 
 Problem Description:
 
 A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions
 before 20071127, allows context-dependent attackers to execute
 arbitrary code via format string specifiers in the message parameter.
 
 The updated packages have been patched to prevent this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6183
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 8d9b3509f96a3461738224c17c1bd27a  
2007.1/i586/ruby-atk-0.16.0-2.1mdv2007.1.i586.rpm
 3a072a39a5bfafbd69074186bfeba886  
2007.1/i586/ruby-gconf2-0.16.0-2.1mdv2007.1.i586.rpm
 8dc250b8d2dba8bbb528edb5bfb049b1  
2007.1/i586/ruby-gdkpixbuf2-0.16.0-2.1mdv2007.1.i586.rpm
 351217998c27dd3438296bf09bdb23c8  
2007.1/i586/ruby-glib2-0.16.0-2.1mdv2007.1.i586.rpm
 bd1f01c6cb835cce182d446811c1ebdb  
2007.1/i586/ruby-gnome2-0.16.0-2.1mdv2007.1.i586.rpm
 415b8f4ab7b6bf1917f33f1462322f75  
2007.1/i586/ruby-gnome2-devel-0.16.0-2.1mdv2007.1.i586.rpm
 8c2170d7ab383640b0e967fc7d57f294  
2007.1/i586/ruby-gnomecanvas2-0.16.0-2.1mdv2007.1.i586.rpm
 92172ccc8d65303cf93cfa41b5efff5e  
2007.1/i586/ruby-gnomeprint2-0.16.0-2.1mdv2007.1.i586.rpm
 2111cd9707313863766dd2c1b74e36f2  
2007.1/i586/ruby-gnomeprintui2-0.16.0-2.1mdv2007.1.i586.rpm
 edf0aab0f5a89b5e8e28246396815415  
2007.1/i586/ruby-gnomevfs2-0.16.0-2.1mdv2007.1.i586.rpm
 dc83948dfc0a1d7f416f3e42efbbfb43  
2007.1/i586/ruby-gtk2-0.16.0-2.1mdv2007.1.i586.rpm
 76091b3b0e477d3417bd718f69a69797  
2007.1/i586/ruby-gtkglext-0.16.0-2.1mdv2007.1.i586.rpm
 1190afad40daba0b01709adb8e2d2138  
2007.1/i586/ruby-gtkhtml2-0.16.0-2.1mdv2007.1.i586.rpm
 434e7bccc392ba94168d46118dbdeedc  
2007.1/i586/ruby-gtkmozembed-0.16.0-2.1mdv2007.1.i586.rpm
 98e15cc9bee4fff03ea0d91803158420  
2007.1/i586/ruby-gtksourceview-0.16.0-2.1mdv2007.1.i586.rpm
 33f73da45a85653a02ab3eee9d4f920a  
2007.1/i586/ruby-libart2-0.16.0-2.1mdv2007.1.i586.rpm
 756088dd657a3a49f214e40953343fcb  
2007.1/i586/ruby-libglade2-0.16.0-2.1mdv2007.1.i586.rpm
 9c758d58dcbbf5d2d06775c2bb371f04  
2007.1/i586/ruby-panelapplet2-0.16.0-2.1mdv2007.1.i586.rpm
 8a3778c105d24a9419423c213bd5b488  
2007.1/i586/ruby-pango-0.16.0-2.1mdv2007.1.i586.rpm
 822079051a8600a0f92c67eb81cca1ce  
2007.1/i586/ruby-poppler-0.16.0-2.1mdv2007.1.i586.rpm
 16a45b8fbe47d39ed6ab9f5036edfb4b  
2007.1/i586/ruby-rsvg2-0.16.0-2.1mdv2007.1.i586.rpm
 3447bb03c4c687245b804c6772ee23c0  
2007.1/i586/ruby-vte-0.16.0-2.1mdv2007.1.i586.rpm 
 316fffbb8ae34ab33d1466e53162d9cb  
2007.1/SRPMS/ruby-gnome2-0.16.0-2.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 6b0e32102841662bf5839873c9d73410  
2007.1/x86_64/ruby-atk-0.16.0-2.1mdv2007.1.x86_64.rpm
 60ac413ae03fe7089afe63eee87e1a8e  
2007.1/x86_64/ruby-gconf2-0.16.0-2.1mdv2007.1.x86_64.rpm
 8dec4401c84e50482e705f1529d1c762  
2007.1/x86_64/ruby-gdkpixbuf2-0.16.0-2.1mdv2007.1.x86_64.rpm
 5f34499daabdc2046e1abf77a958efe2  
2007.1/x86_64/ruby-glib2-0.16.0-2.1mdv2007.1.x86_64.rpm
 9f4b0565ee905d750084b3cb1739ee44  
2007.1/x86_64/ruby-gnome2-0.16.0-2.1mdv2007.1.x86_64.rpm
 8bdacb4c30a0831af066d9bbf6de0f37  
2007.1/x86_64/ruby-gnome2-devel-0.16.0-2.1mdv2007.1.x86_64.rpm
 096c7a4da1bdb5c92a13ec25d16ed123  
2007.1/x86_64/ruby-gnomecanvas2-0.16.0-2.1mdv2007.1.x86_64.rpm
 8cc4dcea3e798918d43a705dcb3cf715  
2007.1/x86_64/ruby-gnomeprint2-0.16.0-2.1mdv2007.1.x86_64.rpm
 bcf1a516343c192e1aa888bda84918c2  
2007.1/x86_64/ruby-gnomeprintui2-0.16.0-2.1mdv2007.1.x86_64.rpm
 e0f2ac6e61c0f49cf0cea241542db6af  
2007.1/x86_64/ruby-gnomevfs2-0.16.0-2.1mdv2007.1.x86_64.rpm
 413453661c97ffef74a7cd002d68ef8c  
2007.1/x86_64/ruby-gtk2-0.16.0-2.1mdv2007.1.x86_64.rpm
 91b5a56fecf908eb741ae906b9a5fd53  
2007.1/x86_64/ruby-gtkglext-0.16.0-2.1mdv2007.1.x86_64.rpm
 eca80921ff0260244a5d9419b9f44a77  
2007.1/x86_64/ruby-gtkhtml2-0.16.0-2.1mdv2007.1.x86_64.rpm
 053fb91f3e23642527ff49ad662b52bc  
2007.1/x86_64/ruby-gtkmozembed-0.16.0-2.1mdv2007.1.x86_64.rpm
 2678231063f53e22127e05e5fbfd276f  
2007.1/x86_64/ruby-gtksourceview-0.16.0-2.1mdv2007.1.x86_64.rpm
 9feab2c5af54a7f44e2163b82d64032e  
2007.1/x86_64/ruby-libart2-0.16.0-2.1mdv2007.1.x86_64.rpm
 5364298efb07553a27555160db0dd249  
2007.1/x86_64/ruby-libglade2-0.16.0-2.1mdv2007.1.x86_64.rpm
 eb7d1481852b3538dd0e9c4c0fa10b0c  
2007.1/x86_64/ruby-panelapplet2-0.16.0-2.1mdv2007.1.x86_64.rpm
 140949b575299e5a0db4c779872e843b  
2007.1/x86_64/ruby-pango-0.16.0-2.1mdv2007.1.x86_64.rpm
 e4d0011c09d27226108b5ded5736c668  
2007.1/x86_64/ruby-poppler-0.16.0-2.1mdv2007.1.x86_64.rpm
 e22ad59b1ddb3da7365a5bfe5fab05c3  
2007.1/x86_64/ruby-rsvg2-0.16.0-2.1mdv2007.1.x86_64.rpm
 cd0596a1c344e2b7fd4f77fddbd1350c  
2007.1/x86_64/ruby-vte-0.16.0-2.1mdv2007.1.x86_64.rpm 
 316fffbb8ae34ab33d1466e53162d9cb  
2007.1/SRPMS/ruby-gnome2-0.16.0-2.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 8307750bd147672c60eea024629b3f2f  
2008.0/i586/ruby-atk-0.16.0-3.1mdv2008.0.i586.rpm
 4ede1f2646c69713f70e31cc12412fb1  
2008.0/i586/ruby-gconf2-0.16.0-3.1mdv2008.0.i586.rpm
 49da66f60cabd54e56fd6c5b1785689f  
2008.0/i586/ruby-gdkpixbuf2-0.16.0-3.1mdv2008.0.i586.rpm
 59a96dc934dfe93152ec491ad626183a  
2008.0/i586/ruby-glib2-0.16.0-3.1mdv2008.0.i586.rpm
 88dd3349f5d87eb514473d7d7ff04393  
2008.0/i586/ruby-gnome2-0.16.0-3.1mdv2008.0.i586.rpm
 6f61c8b4630791f6a2385cd64898f3d9  
2008.0/i586/ruby-gnome2-devel-0.16.0-3.1mdv2008.0.i586.rpm
 53ad3fcf39a69b734354c3869edc43c6  
2008.0/i586/ruby-gnomecanvas2-0.16.0-3.1mdv2008.0.i586.rpm
 56e31a8e492e5ed4cd62309addf3b393  
2008.0/i586/ruby-gnomeprint2-0.16.0-3.1mdv2008.0.i586.rpm
 8cf2869ae0851f923656de566a8d7d10  
2008.0/i586/ruby-gnomeprintui2-0.16.0-3.1mdv2008.0.i586.rpm
 78117f7fc39b38fc2493876f9ed9258e  
2008.0/i586/ruby-gnomevfs2-0.16.0-3.1mdv2008.0.i586.rpm
 edeabe7eef8a91a66654314dc116a67a  
2008.0/i586/ruby-gtk2-0.16.0-3.1mdv2008.0.i586.rpm
 8bea81137fae5d017bda7b5643f977df  
2008.0/i586/ruby-gtkglext-0.16.0-3.1mdv2008.0.i586.rpm
 f1733e1ce8b042a7a653015a71765f17  
2008.0/i586/ruby-gtkhtml2-0.16.0-3.1mdv2008.0.i586.rpm
 02e73422c69226f0b8365ccd1434630f  
2008.0/i586/ruby-gtkmozembed-0.16.0-3.1mdv2008.0.i586.rpm
 f41c6f51ada9ab5c662edd5e86fdc3fc  
2008.0/i586/ruby-gtksourceview-0.16.0-3.1mdv2008.0.i586.rpm
 412809b7df4bf120821d847acf784f31  
2008.0/i586/ruby-libart2-0.16.0-3.1mdv2008.0.i586.rpm
 d790e25de85766d985a00e3296ababbc  
2008.0/i586/ruby-libglade2-0.16.0-3.1mdv2008.0.i586.rpm
 9b4b2cd7a0fe9ccc71c23fe79696316c  
2008.0/i586/ruby-panelapplet2-0.16.0-3.1mdv2008.0.i586.rpm
 62847d04d24d38a3f524ce2d4750e92e  
2008.0/i586/ruby-pango-0.16.0-3.1mdv2008.0.i586.rpm
 568d13371026bd18b7a7de8e5a1b6790  
2008.0/i586/ruby-poppler-0.16.0-3.1mdv2008.0.i586.rpm
 9b7bb617c47787c1768ce6e41dfff985  
2008.0/i586/ruby-rsvg2-0.16.0-3.1mdv2008.0.i586.rpm
 70bb27ffb7ee95fec71c84408210adce  
2008.0/i586/ruby-vte-0.16.0-3.1mdv2008.0.i586.rpm 
 0df7cde4331837fb6862c9b5a97be8f5  
2008.0/SRPMS/ruby-gnome2-0.16.0-3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 f994bb06d1aeea684703e4632dc83514  
2008.0/x86_64/ruby-atk-0.16.0-3.1mdv2008.0.x86_64.rpm
 aa09b9d481302f67ceb70212331a404d  
2008.0/x86_64/ruby-gconf2-0.16.0-3.1mdv2008.0.x86_64.rpm
 e2095aad322140ca87c2abaa36383bf6  
2008.0/x86_64/ruby-gdkpixbuf2-0.16.0-3.1mdv2008.0.x86_64.rpm
 8599aa977cce023e95e3d4013081bd46  
2008.0/x86_64/ruby-glib2-0.16.0-3.1mdv2008.0.x86_64.rpm
 e842e5a9cd8f4ddf65adc3ca537a23e2  
2008.0/x86_64/ruby-gnome2-0.16.0-3.1mdv2008.0.x86_64.rpm
 7df090f82bc32da5d71e5b1a01a936da  
2008.0/x86_64/ruby-gnome2-devel-0.16.0-3.1mdv2008.0.x86_64.rpm
 e009fc40831dcb1266168475e3f7a7ce  
2008.0/x86_64/ruby-gnomecanvas2-0.16.0-3.1mdv2008.0.x86_64.rpm
 dbcf26f9d25b208cda61be393420249a  
2008.0/x86_64/ruby-gnomeprint2-0.16.0-3.1mdv2008.0.x86_64.rpm
 39b325ee6548bdace767db805bf2c8b2  
2008.0/x86_64/ruby-gnomeprintui2-0.16.0-3.1mdv2008.0.x86_64.rpm
 7071eb94ac3c55e18d70519e6c8eca86  
2008.0/x86_64/ruby-gnomevfs2-0.16.0-3.1mdv2008.0.x86_64.rpm
 e2804b2ea0e09a9ceb10a301b588dc16  
2008.0/x86_64/ruby-gtk2-0.16.0-3.1mdv2008.0.x86_64.rpm
 9de7b27a7af2a97858712ecc85556c23  
2008.0/x86_64/ruby-gtkglext-0.16.0-3.1mdv2008.0.x86_64.rpm
 707ef739d27ff5e0dac19ddb1ef6eb0c  
2008.0/x86_64/ruby-gtkhtml2-0.16.0-3.1mdv2008.0.x86_64.rpm
 8a93344a6ce2757ef2a9c69f80ab38cc  
2008.0/x86_64/ruby-gtkmozembed-0.16.0-3.1mdv2008.0.x86_64.rpm
 0d56132f28b59eb54e915d215934d668  
2008.0/x86_64/ruby-gtksourceview-0.16.0-3.1mdv2008.0.x86_64.rpm
 0757a4b6ecf07630d45e508cd623f562  
2008.0/x86_64/ruby-libart2-0.16.0-3.1mdv2008.0.x86_64.rpm
 a959f2d58f667ab56874fe974cbdb38a  
2008.0/x86_64/ruby-libglade2-0.16.0-3.1mdv2008.0.x86_64.rpm
 93dff79288e4e248f7ff42d9574dcb6b  
2008.0/x86_64/ruby-panelapplet2-0.16.0-3.1mdv2008.0.x86_64.rpm
 ab701b2b9942d6834bef8f6e4723a27b  
2008.0/x86_64/ruby-pango-0.16.0-3.1mdv2008.0.x86_64.rpm
 17580801211d70f93579bfa6b36f10d8  
2008.0/x86_64/ruby-poppler-0.16.0-3.1mdv2008.0.x86_64.rpm
 21e8b9751a77135296f537e33006bc5a  
2008.0/x86_64/ruby-rsvg2-0.16.0-3.1mdv2008.0.x86_64.rpm
 91f4b51df125d5c184a2272cb2561d3c  
2008.0/x86_64/ruby-vte-0.16.0-3.1mdv2008.0.x86_64.rpm 
 0df7cde4331837fb6862c9b5a97be8f5  
2008.0/SRPMS/ruby-gnome2-0.16.0-3.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHo38WmqjQ0CJFipgRAuQ1AJkB4lvv5eqDT1xFB+zuFDSNT5dicwCfX5fT
tvrLJzPSQ/JsXO2WAEf6QSY=
=D1lc
-----END PGP SIGNATURE-----