-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2005-70
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 22 Jun 2005
Last revised: 22 Jun 2005
Package: gedit
Summary: Format String Vulnerability
More information:
gEdit is a small but powerful text editor designed expressly for GNOME.
Format string vulnerability exists in the gedit.
Impact:
This vulnerability allows attackers to execute arbitrary code via a file with a carefully crafted name.
Affected Products:
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
Solution:
Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
# turbopkg
or
# zabom -u gedit
---------------------------------------------
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>
Source Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/gedit-2.4.1-6.src.rpm
1870618 644445ea7e599638832444105b1edb65
Binary Packages
Size: MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/gedit-2.4.1-6.i586.rpm
1048225 c36d7a10743ad356ca378aa914be194c
References:
CVE
[
CAN-2005-1686]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
CAN-2005-1686
--------------------------------------------------------------------------
Revision History
22 Jun 2005 Initial release
--------------------------------------------------------------------------
Copyright(C) 2005 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCuOhtK0LzjOqIJMwRAikyAJ9E7iR8qwjQ2wAU1Bm5vxblvX3p1wCgsEMy
CYIustsBQ18ZR7g+8HsXsxI=
=DyLC
-----END PGP SIGNATURE-----