Home > Security > Advisories


Mandriva Advisories

Package name inkscape
Date March 22nd, 2007
Advisory ID MDKSA-2007:069
Affected versions 2007.0
Synopsis Updated inkscape packages to format string vulnerability

Problem Description

Format string vulnerability in Inkscape before 0.45.1 allows
user-assisted remote attackers to execute arbitrary code via format
string specifiers in a URI, which is not properly handled by certain

Updated packages have been patched to address this issue.

Updated Packages

Mandriva Linux 2007

 5f11975b5aeae4ea6ff5c96f2e433baa  2007.0/i586/inkscape-0.44-4.1mdv2007.0.i586.rpm 
 626bb6d54333ee2e86cd13353952b95a  2007.0/SRPMS/inkscape-0.44-4.1mdv2007.0.src.rpm

Mandriva Linux 2007/X86_64

 a42bb3246e026d19031a72b963649917  2007.0/x86_64/inkscape-0.44-4.1mdv2007.0.x86_64.rpm 
 626bb6d54333ee2e86cd13353952b95a  2007.0/SRPMS/inkscape-0.44-4.1mdv2007.0.src.rpm




To upgrade automatically, use MandrivaUpdate.


Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.