1. Gentoo Linux Security Advisory
| Advisory Reference | GLSA 200506-09 / gedit |
| Release Date | June 11, 2005 |
| Latest Revision | May 22, 2006: 02 |
| Impact | normal |
| Exploitable | remote |
| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| app-editors/gedit | < 2.10.3 | >= 2.10.3 | All supported architectures |
Related bugreports: #93352
gedit suffers from a format string vulnerability that could allow arbitrary code execution.
gedit is the official text editor of the GNOME desktop environement.
A format string vulnerability exists when opening files with names containing format specifiers.
A specially crafted file with format specifiers in the filename can cause arbitrary code execution.
There are no known workarounds at this time.
All gedit users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gedit-2.10.3" |