On 07/07/2011 01:37 PM, Lisufas Linuxfreunde wrote:
Something strange,
I just noticed that a security update for ocular:
→ libkdcraw8 - Shared library interface around dcraw
→ libkipi7 - KDE Image Plug-In Interface
with Info:↓
gwenview - okular security update
This update fixes a heap-based overflow in okular. The RLE decompression in the TranscribePalmImageToJPEG() function can be exploited to execute arbitrary code with user privileges by providing a crafted PDF file. (CVE-2010-2575). Referenzen: 634743 (bugzilla) : bug number 634743 CVE-2010-2575 (cve) : CVE-2010-2575 -------------------------------------------------------------
was displayed. Has anyone found similar?
We also ship with latest okular in KUSC. You should be safe. -- Ismail Dönmez - openSUSE Booster SUSE LINUX Products GmbH Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-kde+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-kde+help@opensuse.org