A vulnerability was discovered in the Eye of GNOME (EOG) program,
version 2.2.0 and earlier, that is used for displaying graphics. A
carefully crafted filename passed to eog could lead to the execution
of arbitrary code as the user executing eog.
c2b6f3e1b6dc4676795d82fbb5d03270 9.0/RPMS/eog-1.0.2-1.1mdk.i586.rpm 3929458c9f13ccd8d102316b5180364f 9.0/SRPMS/eog-1.0.2-1.1mdk.src.rpm
4e46d00b4bc623843e626890983dcb7d 9.1/RPMS/eog-2.2.0-1.1mdk.i586.rpm b2c35125798f3bfef1b43bb9e34e3869 9.1/SRPMS/eog-2.2.0-1.1mdk.src.rpm
0e88dac227e691a431192c7005d78fc4 ppc/9.1/RPMS/eog-2.2.0-1.1mdk.ppc.rpm b2c35125798f3bfef1b43bb9e34e3869 ppc/9.1/SRPMS/eog-2.2.0-1.1mdk.src.rpm
Corporate Server 2.1
c2b6f3e1b6dc4676795d82fbb5d03270 corporate/2.1/RPMS/eog-1.0.2-1.1mdk.i586.rpm 3929458c9f13ccd8d102316b5180364f corporate/2.1/SRPMS/eog-1.0.2-1.1mdk.src.rpm
To upgrade automatically, use MandrivaUpdate.
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.