Skip Quicknav

• About Debian
• News
• Getting Debian
• Support
• Developers' Corner
• Site map
• Search

Debian Security Advisory

DSA-1567-1 blender -- buffertspill

Date Reported:

05 May 2008

Affected Packages:

blender

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2008-1102.

More information:

Stefan Cornelius upptäckte en sårbarhet i tolken för Radiance High Dynamic Range-bilder (HDR) i Blender, ett 3D-modelleringsprogram. Sårbarheten kunde orsaka ett stackbaserat buffertspill, vilket kunde leda till exekvering av godtycklig kod om en skräddarsydd HDR-fil öppnades, eller om en katalog med en sådan fil bläddrades i Blenders öppna bild-dialog.

För den stabila utgåvan (Etch) har dessa problem rättats i version 2.42a-7.1+etch1.

För den instabila utgåvan (Sid) har dessa problem rättats i version 2.45-5.

Vi rekommenderar att ni uppgraderar era blender-paket.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Source:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1.dsc

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1.diff.gz

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a.orig.tar.gz

Alpha:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_alpha.deb

AMD64:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_amd64.deb

ARM:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_arm.deb

HP Precision:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_hppa.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_ia64.deb

Big-endian MIPS:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_mips.deb

Little-endian MIPS:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_s390.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/b/blender/blender_2.42a-7.1+etch1_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

This page is also available in the following languages:

dansk Deutsch English 日本語 (Nihongo)

How to set the default document language