GLSA-200809-01 : yelp: User-assisted execution of arbitrary code
Critical Nessus Plugin ID 34090
Synopsis
The remote Gentoo host is missing one or more security-related patches.
Description
The remote host is affected by the vulnerability described in GLSA-200809-01 (yelp: User-assisted execution of arbitrary code)
Aaron Grattafiori reported a format string vulnerability in the window_error() function in yelp-window.c.
A remote attacker can entice a user to open specially crafted 'man:' or 'ghelp:' URIs in yelp, or an application using yelp such as Firefox or Evolution, and execute arbitrary code with the privileges of that user.
There is no known workaround at this time.
Solution
All yelp users running GNOME 2.22 should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=gnome-extra/yelp-2.22.1-r2'
All yelp users running GNOME 2.20 should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=gnome-extra/yelp-2.20.0-r1'