- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 200903-41
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: gedit: Untrusted search path
      Date: March 30, 2009
      Bugs: #257004
        ID: 200903-41

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in gedit might allow local attackers to execute
arbitrary code.

Background
==========

gedit is a text editor for the GNOME desktop.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  app-editors/gedit       < 2.24.3                   *>= 2.22.3-r1
                                                           >= 2.24.3
    -------------------------------------------------------------------

Description
===========

James Vega reported that gedit uses the current working directory when
searching for Python modules, a vulnerability related to CVE-2008-5983.

Impact
======

A local attacker could entice a user to open gedit from a specially
crafted environment, possibly resulting in the execution of arbitrary
code with the privileges of the user running the application.

Workaround
==========

Do not run gedit from untrusted working directories.

Resolution
==========

All gedit 2.22.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-editors/gedit-2.22.3-r1"

All gedit 2.24.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-editors/gedit-2.24.3"

References
==========

  [ 1 ] CVE-2008-5983
        https://www.cve.org/CVERecord?id=CVE-2008-5983
  [ 2 ] CVE-2009-0314
        https://www.cve.org/CVERecord?id=CVE-2009-0314

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/200903-41

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-3100
2009-03-28 00:57:36
--------------------------------------------------------------------------------
Name        : kazehakase
Product     : Fedora 10
Version     : 0.5.6
Release     : 1.fc10.5
URL         :
Summary     : Kazehakase browser using Gecko rendering engine
Description :
Kazehakase is a Web browser which aims to provide a user interface that is
truly user-friendly & fully customizable. This package uses Gecko as its HTML
rendering engine.
--------------------------------------------------------------------------------
Update Information:

A memory corruption flaw was discovered in the way Firefox handles XML files
containing an XSLT transform. A remote attacker could use this flaw to crash
Firefox or, potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-1169)

A flaw was discovered in the way Firefox handles certain XUL garbage
collection events. A remote attacker could use this flaw to crash Firefox or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-1044)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 27 2009 Christopher Aillon - 0.5.6-1.5
- Rebuild against newer gecko
* Fri Mar  6 2009 Jan Horak - 0.5.6-1.4
- Rebuild against newer gecko
* Wed Feb  4 2009 Christopher Aillon - 0.5.6-1.3
- Rebuild against newer gecko
* Wed Dec 17 2008 Christopher Aillon - 0.5.6-1.2
- Rebuild against newer gecko
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program.  Use
su -c 'yum update kazehakase' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Fedora-package-announce mailing list
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1189
2009-01-29 22:32:51
--------------------------------------------------------------------------------
Name        : gedit
Product     : Fedora 9
Version     : 2.22.3
Release     : 3.fc9
URL         : https://wiki.gnome.org/Apps
Summary     : gEdit is a small but powerful text editor for GNOME
Description :
gEdit is a small but powerful text editor designed specifically for the GNOME
GUI desktop. gEdit includes a plug-in API (which supports extensibility while
keeping the core binary small), support for editing multiple documents using
notebook tabs, and standard text editor functions. You'll need to have GNOME
and GTK+ installed to use gEdit.
--------------------------------------------------------------------------------
Update Information:

Untrusted search path vulnerability in gedit's Python module allows local users
to execute arbitrary code via a Trojan horse Python file in the current working
directory, related to an erroneous setting of sys.path by the PySys_SetArgv
function.

References:

The latest stable upstream release of gedit. From the release announcement:

New Features and Fixes
======================
- Backport some bugfixes from the development version

New and updated translations
============================
- Alexander Shopov (bg)
- Priit Laes (et)
- Shankar Prasad (kn)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2009 Ray Strode - 1:2.22.3-3
- Fix bug 481556 in a more functional way.
* Mon Jan 26 2009 Ray Strode - 1:2.22.3-2
- Fix up python plugin path to close up a security attack vector (bug 481556).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #481556 - gedit: untrusted python modules search path
        https://bugzilla.redhat.com/show_bug.cgi?id=481556
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program.  Use
su -c 'yum update gedit' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Fedora-package-announce mailing list
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1187
2009-01-29 22:32:49
--------------------------------------------------------------------------------
Name        : gedit
Product     : Fedora 10
Version     : 2.24.3
Release     : 3.fc10
URL         : https://wiki.gnome.org/Apps
Summary     : gEdit is a small but powerful text editor for GNOME
Description :
gEdit is a small but powerful text editor designed specifically for the GNOME
GUI desktop. gEdit includes a plug-in API (which supports extensibility while
keeping the core binary small), support for editing multiple documents using
notebook tabs, and standard text editor functions. You'll need to have GNOME
and GTK+ installed to use gEdit.
--------------------------------------------------------------------------------
Update Information:

Untrusted search path vulnerability in gedit's Python module allows local users
to execute arbitrary code via a Trojan horse Python file in the current working
directory, related to an erroneous setting of sys.path by the PySys_SetArgv
function.

References:

The latest stable upstream release of gedit. From the release announcement:

New Features and Fixes
======================
- Backport some bugfixes from the development version

New and updated translations
============================
- Alexander Shopov (bg)
- Priit Laes (et)
- Shankar Prasad (kn)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 26 2009 Ray Strode - 1:2.24.3-3
- Fix bug 481556 in a more functional way
* Mon Jan 26 2009 Ray Strode - 1:2.24.3-2
- Fix up python plugin path to close up a security attack vector (bug 481556).
* Thu Jan 15 2009 Matthias Clasen - 1:2.24.3-1
- Update to 2.24.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #481556 - gedit: untrusted python modules search path
        https://bugzilla.redhat.com/show_bug.cgi?id=481556
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program.  Use
su -c 'yum update gedit' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
Fedora-package-announce mailing list
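The defect the two Fedora notices and the GLSA above describe, modelled in plain Python as an added illustration (this is not gedit's, Fedora's or Gentoo's code): a search path that begins with the directory of argv[0], which is the empty string for a bare program name and therefore the current working directory, lets a same-named file in that directory shadow the real module, and the sanitize step mirrors what the updated packages do by dropping that entry before plugins are loaded. The module name and directories are constructed for the demonstration.

```python
"""Untrusted search path (CVE-2008-5983 / CVE-2009-0314), modelled in plain Python.

Constructed illustration, not gedit's code.  An embedded interpreter that called
PySys_SetArgv() had the directory of argv[0] prepended to sys.path.  For a bare
program name that directory is '', which Python treats as the current working
directory, so any same-named .py file there is imported before the real module.
"""
import os
import tempfile


def search_path_after_setargv(base_path, argv0):
    """Model of the pre-fix behaviour: prepend dirname(argv[0]) to the path.
    dirname('gedit') == '' -> the current working directory is searched first."""
    return [os.path.dirname(argv0)] + list(base_path)


def sanitize_search_path(path, cwd=None):
    """Mitigation equivalent to the vendor fix: drop '' and any entry that
    resolves to the current working directory before plugins are loaded."""
    cwd = os.path.realpath(cwd or os.getcwd())
    return [p for p in path if p != "" and os.path.realpath(p) != cwd]


def resolve_module(name, path, cwd):
    """Directory from which `name` would be imported: the first match on
    `path` wins, as in the interpreter; '' stands for `cwd`."""
    for entry in path:
        directory = entry or cwd
        if os.path.isfile(os.path.join(directory, name + ".py")):
            return directory
    return None


def demo(module="pluginhelper"):
    """Create a trusted plugin directory and an untrusted cwd holding a file of
    the same name, then resolve the module with the vulnerable and the
    sanitized path.  Returns which directory each lookup picked."""
    with tempfile.TemporaryDirectory() as trusted, \
            tempfile.TemporaryDirectory() as untrusted_cwd:
        for d in (trusted, untrusted_cwd):  # constructed sample module files
            with open(os.path.join(d, module + ".py"), "w") as fh:
                fh.write("# placeholder module body\n")
        vulnerable = search_path_after_setargv([trusted], "gedit")
        fixed = sanitize_search_path(vulnerable, cwd=untrusted_cwd)
        picked_vuln = resolve_module(module, vulnerable, untrusted_cwd)
        picked_fixed = resolve_module(module, fixed, untrusted_cwd)
        return {
            "vulnerable_path": vulnerable,
            "fixed_path": fixed,
            "vulnerable_picks_cwd": picked_vuln == untrusted_cwd,
            "fixed_picks_cwd": picked_fixed == untrusted_cwd,
            "fixed_picks_trusted": picked_fixed == trusted,
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```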
Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-316
2006-04-17
---------------------------------------------------------------------
Product     : Fedora Core 5
Name        : gedit
Version     : 2.14.2
Release     : 1.fc5.1
Summary     : gEdit is a small but powerful text editor for GNOME.
Description :
gEdit is a small but powerful text editor designed specifically for the GNOME
GUI desktop. gEdit includes a plug-in API (which supports extensibility while
keeping the core binary small), support for editing multiple documents using
notebook tabs, and standard text editor functions. You'll need to have GNOME
and GTK+ installed to use gEdit.
---------------------------------------------------------------------
Update Information:

New features and fixes
======================
- bugfixes to the external tools plugin (Steve Frécinaux)
- bugfixes to the snippets plugin (Jesse Van Den Kieboom)
- misc bugfixes

New and updated translations
============================
- Clytie Siddall (vi)
- Francisco Javier F. Serrador (es)
- Ihar Hrachyshka (be)
- Ivar Smolin (et)
- Jérémy Ar Floc'h (br)
- Pema Geyleg (dz)
- Vladimer Sichinava (ka)
---------------------------------------------------------------------
* Mon Apr 10 2006 Matthias Clasen 2.14.2-1.fc5.1
- Update to 2.14.2
---------------------------------------------------------------------
This update can be downloaded from:

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
-----------------------------------------------------------------------
fedora-announce-list mailing list
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-157
2006-03-24
---------------------------------------------------------------------
Product     : Fedora Core 5
Name        : gedit
Version     : 2.14.1
Release     : 1
Summary     : gEdit is a small but powerful text editor for GNOME.
Description :
gEdit is a small but powerful text editor designed specifically for the GNOME
GUI desktop. gEdit includes a plug-in API (which supports extensibility while
keeping the core binary small), support for editing multiple documents using
notebook tabs, and standard text editor functions. You'll need to have GNOME
and GTK+ installed to use gEdit.
---------------------------------------------------------------------
Update Information:

A new version of the gedit package has been built that fixes a problem with
tab drag-and-drop when multiple gedit windows are open.
---------------------------------------------------------------------
* Thu Mar 16 2006 Matthias Clasen 2.14.1-1
- Update to 2.14.1
---------------------------------------------------------------------
This update can be downloaded from:

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
-----------------------------------------------------------------------
fedora-announce-list mailing list
Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-738
2005-08-10
---------------------------------------------------------------------
Product     : Fedora Core 3
Name        : vim
Version     : 6.3.086
Release     : 0.fc3
Summary     : The VIM editor.
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the vi
editor. Vi was the first real screen-based editor for UNIX, and is still very
popular. VIM improves on vi by adding new features: multiple windows,
multi-level undo, block highlighting and more.
---------------------------------------------------------------------
Update Information:

CAN-2005-2368
---------------------------------------------------------------------
* Wed Aug 10 2005 Karsten Hopp 6.3.086-0.fc3
- build for FC-3
* Tue Aug  9 2005 Karsten Hopp 6.3.086-1
- update to patchlevel 86
* Sun Jun 12 2005 Karsten Hopp 6.3.080-1
- update to patchlevel 80
* Wed Apr 27 2005 Jeremy Katz - 1:6.3.071-3
- silence %post
* Mon Apr 18 2005 Karsten Hopp 6.3.071-2
- fix wrong Russian code page for vimtutor (#155181)
* Mon Apr 11 2005 Karsten Hopp 6.3.071-1
- patchlevel 71, fixes crashes when converting text with illegal characters
  and when moving the vertical separator to the far left (vertically split
  window)
---------------------------------------------------------------------
This update can be downloaded from:

This update can also be installed with the Update Agent; you can launch the
Update Agent with the 'up2date' command.
-----------------------------------------------------------------------
fedora-announce-list mailing list
A format string vulnerability has been discovered in gedit, a light-weight text
editor for GNOME, that may allow attackers to cause a denial of service
(application crash) via a binary file with format string specifiers in the
filename.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 753-1