Format string vulnerability in Inkscape before 0.45.1 allows
user-assisted remote attackers to execute arbitrary code via format
string specifiers in a URI, which is not properly handled by certain
Updated packages have been patched to address this issue.
Mandriva Linux 2007
5f11975b5aeae4ea6ff5c96f2e433baa 2007.0/i586/inkscape-0.44-4.1mdv2007.0.i586.rpm 626bb6d54333ee2e86cd13353952b95a 2007.0/SRPMS/inkscape-0.44-4.1mdv2007.0.src.rpm
Mandriva Linux 2007/X86_64
a42bb3246e026d19031a72b963649917 2007.0/x86_64/inkscape-0.44-4.1mdv2007.0.x86_64.rpm 626bb6d54333ee2e86cd13353952b95a 2007.0/SRPMS/inkscape-0.44-4.1mdv2007.0.src.rpm
To upgrade automatically, use MandrivaUpdate.
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.