Bug#466963: inguma: Warnings when byte-compiling .py files

a part of Inguma. Regards, Joxean Koret signature.asc Description: This is a digitally signed message part

Bug#330894: inkscape: Arbitrary code execution when opening a malicious file

troubles too, at least for the syntax highlighter. > This is only a P.O.C. I have no working exploit at the moment for the issue. > I also tried it with sodipodi, but could not see an effect. It seems to > open cleanly. > > With best wishes, > > Wolfi Regards, Joxe

Bug#330895: blender: Arbitrary code execution when importing a .bvh file

execution. The problem was corrected at 2005/01/22 in the CVS but the main package doesn't come with the fixed script. Attached goes the e-mail sended to the Blender people, one working exploit to test the vulnerability under Debian, and 2 proof of concepts. Regards, Joxean Koret -- S

Bug#330894: inkscape: Arbitrary code execution when opening a malicious file

, there is no patch for the issue. Attached goes a Proof Of Concept. NOTE: I think the problem may not be exploitable because you need to write a shellcode using only valid XML characters. Regards, Joxean Koret -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux

Bug#330890: dia: Arbitrary code execution when importing a .svg file

too many times but without any look so, I think, there is no patch at the moment for the issues. Attached goes a working exploit to test the vulnerability. Regards, Joxean Koret -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.11-1-386 Locale: [EMAIL

Bug#320262: Various security problems in Mantis Bugtracker

Package: mantis Version: 0.19.2-3 Severity: grave Justification: user security hole Various security problems were fixed in the latest releases of Mantis Bugtracker: 1.0.0RC1 and 1.0.0RC2. We need patches for these issues. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kern