[Bug 222592] Re: [CVE-2008-1102] Blender imb_loadhdr() buffer overflow

Launchpad Bug Tracker 222592 at bugs.launchpad.net
Mon Jan 26 15:42:01 UTC 2009


This bug was fixed in the package blender - 2.45-4ubuntu1.1

---------------
blender (2.45-4ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: Stack-based buffer overflow in the imb_loadhdr
    function in Blender 2.45 allows user-assisted remote attackers
    to execute arbitrary code via a .blend file that contains a crafted
    Radiance RGBE image (LP: #222592)
    - 20_CVE-2008-1102.diff: Upstream patch to address stack overflow.
    - CVE-2008-1102
  * SECURITY UPDATE: Untrusted search path vulnerability in BPY_interface in
    Blender 2.46 allows local users to execute arbitrary code via a Trojan
    horse Python file in the current working directory, related to an
    erroneous setting of sys.path by the PySys_SetArgv function. (LP: #319501)
    - 01_sanitize_sys.path: Debian patch to no longer load modules from
      current dir. Slightly modified from Debian patch as per recommendation
      from debian patch author.
    - CVE-2008-4863

 -- Stefan Lesicnik <stefan at lsd.co.za>   Wed, 21 Jan 2009 10:01:23 +0200

-- 
[CVE-2008-1102] Blender imb_loadhdr() buffer overflow
https://bugs.launchpad.net/bugs/222592
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs




More information about the universe-bugs mailing list