Paketname
blender
Datum
2009-02-16
Advisory ID
MDVSA-2009:038
Betroffene Versionen
2009.0 x86_64 , 2009.0 i586 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

Python has a variable called sys.path that contains all paths where
Python loads modules by using import scripting procedure. A wrong
handling of that variable enables local attackers to execute arbitrary
code via Python scripting in the current Blender working directory
(CVE-2008-4863).

This update provides fix for that vulnerability.

Aktualisierte Pakete

2009.0 x86_64

 d9b2eb8c7da84a952aba2d765f7b42de  2009.0/x86_64/blender-2.47-2.1mdv2009.0.x86_64.rpm 
 141773f95893bd41224e43381a1ccd86  2009.0/SRPMS/blender-2.47-2.1mdv2009.0.src.rpm

2009.0 i586

 eef9857e521b4abde0d3b7c47a9cb9a5  2009.0/i586/blender-2.47-2.1mdv2009.0.i586.rpm 
 141773f95893bd41224e43381a1ccd86  2009.0/SRPMS/blender-2.47-2.1mdv2009.0.src.rpm

2008.1 x86_64

 12b5389df35b1684cf477c446954a55b  2008.1/x86_64/blender-2.45-7.2mdv2008.1.x86_64.rpm 
 4714499cfd80c45bdd66f662d4bb081b  2008.1/SRPMS/blender-2.45-7.2mdv2008.1.src.rpm

2008.1 i586

 8fe2fd2741c0a1fca74bd653d74b527f  2008.1/i586/blender-2.45-7.2mdv2008.1.i586.rpm 
 4714499cfd80c45bdd66f662d4bb081b  2008.1/SRPMS/blender-2.45-7.2mdv2008.1.src.rpm

Referenzen