Welcome to Soft32 Linux Forums!
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Bug#400303: fvwm: CRLF injection in fvwm-menu-directory (C..

  
   Soft32 Home -> Linux2 Arch -> Bugs Dist RSS
Next:  Bug#263535: A few developers may not care much ab..  
Author Message
Axel Beckert

External


Since: Nov 25, 2006
Posts: 4



(Msg. 1) Posted: Fri Nov 24, 2006 11:50 pm
Post subject: Bug#400303: fvwm: CRLF injection in fvwm-menu-directory (CVE-2006-5969) also in stable
Archived from groups: linux>debian>bugs>dist (more info?)
Package: fvwm
Version: 2.5.12-5
Severity: grave
Tags: stable, security

Hi,

the CRLF injection in fvwm-menu-directory (CVE-2006-5969) as
documented at

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969
http://www.gentoo-portage.com/x11-wm/fvwm/ChangeLog
http://thread.gmane.org/gmane.comp.window-managers.fvwm.devel/2419/focus=2419

which has been fixed in Sid with the upload of 1:2.5.18-2 on 10th of
November 2006 also exist in Sarge's version of fvwm and should be
fixed there, too.

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.33.2-1-dphys-k8-smp-64gb
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages fvwm depends on:
ii gdk-imlib1 1.9.14-16.2 imaging library for use with gtk (
ii libc6 2.3.2.ds1-22sarge4 GNU C Library: Shared libraries an
ii libfontconfig1 2.3.1-2 generic font configuration library
ii libfreetype6 2.1.7-6 FreeType 2 font engine, shared lib
ii libfribidi0 0.10.4-6 Free Implementation of the Unicode
ii libglib1.2 1.2.10-9 The GLib library of C routines
ii libgtk1.2 1.2.10-17 The GIMP Toolkit set of widgets fo
ii libice6 4.3.0.dfsg.1-14sarge2 Inter-Client Exchange library
ii libncurses5 5.4-4 Shared libraries for terminal hand
ii libpng12-0 1.2.8rel-1 PNG library - runtime
ii libreadline4 4.3-11 GNU readline and history libraries
ii librplay3 3.3.2-8 Shared libraries for the rplay net
ii libsm6 4.3.0.dfsg.1-14sarge2 X Window System Session Management
ii libstroke0 0.5.1-4 support for mouse strokes like tho
ii libx11-6 4.3.0.dfsg.1-14sarge2 X Window System protocol client li
ii libxext6 4.3.0.dfsg.1-14sarge2 X Window System miscellaneous exte
ii libxft2 2.1.7-1 FreeType-based font drawing librar
ii libxi6 4.3.0.dfsg.1-14sarge2 X Window System Input extension li
ii libxpm4 4.3.0.dfsg.1-14sarge2 X pixmap library
ii libxrender1 0.8.3-7 X Rendering Extension client libra
ii xlibs 4.3.0.dfsg.1-14sarge2 X Keyboard Extension (XKB) configu
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime

-- debconf information:
fvwm/upgrade/pre_2.5.8: false


--
To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Bug#401193: No Debian menu entry for blobwars (/etc/X11/fv.. - Package: blobwars Version: 1.05-3 Severity: minor Upon installation of "blobwars", no Debian menu entry is c...

Bug#420130: fvwm: should detect xinerama layout change - Package: fvwm Version: 1:2.5.18-3 Severity: wishlist Hi, Now that xrandr permits to achieve all sorts of nice resizes...

Bug#264016: fvwm: FvwmForm uses bad fonts in utf-8 locale - Hi, About 3 years ago, you reported a bug to the Debian BTS regarding FvwmForm using bad fonts in utf8 locale. Do you....

Bug#401822: fvwm-crystal depends on one of a set of termin.. - Package: fvwm-crystal Version: 3.0.3-3.1 Severity: normal I am trying to build a useful system on a 600M hard disk. I...

Bug#402525: moving with middle mouse button in fvwm pager .. - Package: fvwm Version: 2.5.18-2 I am running the most up to date debian testing on amd64. FvwmPager shows the..

Bug#414784: putty-tools: please open as text or otherwise .. - Package: putty-tools Version: 0.58-5 Severity: wishlist I was using puttygen to extract (?) a public key from a privat...
       Soft32 Home -> Linux2 Arch -> Bugs Dist All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Categories:
 Windows
 Linux
 Mac
 PDA

[ Contact us | Terms of Service/Privacy Policy ]