Secunia Security Advisory - Mandriva has issued an update for gnucash. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
88dba0db4d57d19a0fd0e49b51863db813ebfe5e1176c03b033bed5c3ac82572
----------------------------------------------------------------------
Secunia is proud to announce the availability of the Secunia Software
Inspector.
The Secunia Software Inspector is a free service that detects insecure
versions of software that you may have installed in your system. When
insecure versions are detected, the Secunia Software Inspector also
provides thorough guidelines for updating the software to the latest
secure version from the vendor.
Try it out online:
http://secunia.com/software_inspector/
----------------------------------------------------------------------
TITLE:
Mandriva update for gnucash
SECUNIA ADVISORY ID:
SA24226
VERIFY ADVISORY:
http://secunia.com/advisories/24226/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
DESCRIPTION:
Mandriva has issued an update for gnucash. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions with escalated privileges.
For more information:
SA24225
SOLUTION:
Apply updated packages.
Mandriva Linux 2007
a8b619c62b08ffe1a0a94123450c9182
2007.0/i586/gnucash-2.0.1-1.1mdv2007.0.i586.rpm
4670eabd1f6b6ac60d6c0fa6bbf86fae
2007.0/i586/gnucash-hbci-2.0.1-1.1mdv2007.0.i586.rpm
071c5a28526cc29b99d47485d95b5115
2007.0/i586/gnucash-ofx-2.0.1-1.1mdv2007.0.i586.rpm
fa58ac7785e11552ad48bc35427ee689
2007.0/i586/gnucash-sql-2.0.1-1.1mdv2007.0.i586.rpm
3f8f689dd645e73822bd5baa6ba4db1f
2007.0/i586/libgnucash0-2.0.1-1.1mdv2007.0.i586.rpm
336f63153412b508077cc655d6ce9e76
2007.0/i586/libgnucash0-devel-2.0.1-1.1mdv2007.0.i586.rpm
ae715153145554dab009d40e68148ce7
2007.0/SRPMS/gnucash-2.0.1-1.1mdv2007.0.src.rpm
Mandriva Linux 2007/X86_64
5e30146412acbec8657a8f4590146279
2007.0/x86_64/gnucash-2.0.1-1.1mdv2007.0.x86_64.rpm
725b0c74c9335e4698e634ebc34788da
2007.0/x86_64/gnucash-hbci-2.0.1-1.1mdv2007.0.x86_64.rpm
15c729b3a02cef72a3b1e019a2a17415
2007.0/x86_64/gnucash-ofx-2.0.1-1.1mdv2007.0.x86_64.rpm
00724c0891a6e67973c6c9bce8dc25a3
2007.0/x86_64/gnucash-sql-2.0.1-1.1mdv2007.0.x86_64.rpm
db2b23ba27b6651b0452cfa7463b8e4e
2007.0/x86_64/lib64gnucash0-2.0.1-1.1mdv2007.0.x86_64.rpm
c97bf9c1d352b89f59572c1762fd5930
2007.0/x86_64/lib64gnucash0-devel-2.0.1-1.1mdv2007.0.x86_64.rpm
ae715153145554dab009d40e68148ce7
2007.0/SRPMS/gnucash-2.0.1-1.1mdv2007.0.src.rpm
ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2007:046
OTHER REFERENCES:
SA24225:
http://secunia.com/advisories/24225/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------