Full Disclosure mailing list archives
rPSA-2006-0219-1 info install-info texinfo
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Mon, 27 Nov 2006 10:44:06 -0500
rPath Security Advisory: 2006-0219-1 Published: 2006-11-27 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: info=/conary.rpath.com@rpl:devel//1/4.8-6.2-1 install-info=/conary.rpath.com@rpl:devel//1/4.8-6.2-1 texinfo=/conary.rpath.com@rpl:devel//1/4.8-6.2-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 https://issues.rpath.com/browse/RPL-810 Description: Previous versions of the texinfo package can be caused to execute arbitrary code contained in an intentionally malformed texinfo file. These texinfo commands are often run automatically when building software packages. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2006-0219-1 info install-info texinfo rPath Update Announcements (Nov 27)