Nom du paquet
libdigidoc
Date
2013-09-02
Advisory ID
MDVSA-2013:225
Affected versions
MBS1 x86_64

Problem description

Updated libdigidoc packages fix security vulnerability:

Fixed one critical bug in the DDOC parsing routines. By persuading a
victim to open a specially-crafted DDOC file, a remote attacker could
exploit this vulnerability to overwrite arbitrary files on the system
with the privileges of the victim (CVE-2013-5648).

Updated packages

MBS1 x86_64

 127e32babc4b9e9115881f28051fc46f  mbs1/x86_64/lib64digidoc2-2.7.1.59-2.1.mbs1.x86_64.rpm
 a00dfa68679c7da6f3d194ef9404f7ad  mbs1/x86_64/lib64digidoc-devel-2.7.1.59-2.1.mbs1.x86_64.rpm 
 9a3cf1a9134ba0c186e894c112ddafa9  mbs1/SRPMS/libdigidoc-2.7.1.59-2.1.mbs1.src.rpm

References