GLSA-201603-12 : FlightGear, SimGear: Multiple vulnerabilities
High Nessus Plugin ID 89905
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201603-12 (FlightGear, SimGear: Multiple vulnerabilities)
Multiple format string vulnerabilities in FlightGear and SimGear allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model.
Remote attackers could possibly execute arbitrary code or cause Denial of Service.
There is no known workaround at this time.
SolutionAll Flightgear users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=games-simulation/flightgear-3.4.0' All Simgear users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=games-simulation/simgear-3.4.0'