Parent Directory
| 
Revision Log
Add advisory for bug 10351
| 1 | ID: MGASA-2013-0164 |
| 2 | pubtime: 1370521473 |
| 3 | type: security |
| 4 | src: |
| 5 | 2: |
| 6 | core: |
| 7 | - flightgear-2.6.0-2.3.mga2 |
| 8 | 3: |
| 9 | core: |
| 10 | - flightgear-2.10.0-1.3.mga3 |
| 11 | subject: Updated flightgear package fixes security vulnerability |
| 12 | description: | |
| 13 | It was reported that FlightGear suffers from improper handling of format |
| 14 | strings when FlightGear is started with allowances for remote access (via |
| 15 | the --props or --telnet commandline arguments). If a remote attacker were |
| 16 | able to connect to FlightGear and set special parameters related with clouds, |
| 17 | it could cause FlightGear to crash. |
| 18 | references: |
| 19 | - http://kuronosec.blogspot.ca/2013/04/flightgear-remote-format-string.html |
| 20 | - http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106922.html |
| 21 | - https://bugs.mageia.org/show_bug.cgi?id=10351 |
| ViewVC Help | |
| Powered by ViewVC 1.1.28 |