Submitted by KeesCook on Wed, 2006-05-24 12:05
Referenced CVEs:
CVE-2006-2453, CVE-2006-2480
Description:
===========================================================
Ubuntu Security Notice USN-286-1 May 24, 2006
dia vulnerabilities
CVE-2006-2453, CVE-2006-2480
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

dia
dia-gnome

The problem can be corrected by upgrading the affected package to
version 0.94.0-5ubuntu1.3 (for Ubuntu 5.04), or 0.94.0-11ubuntu1.2
(for Ubuntu 5.10). After doing a standard system upgrade you need to
restart dia to effect the necessary changes.

Details follow:

Several format string vulnerabilities have been discovered in dia. By
tricking a user into opening a specially crafted dia file, or a
file with a specially crafted name, this could be exploited to execute
arbitrary code with the user's privileges.
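
The bug class described above, as an added illustration in C. This is not dia's source code and not part of the original notice; the function names and sample file names are hypothetical and constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration of the bug class; NOT dia's source code.
 * All function names here are hypothetical.
 *
 * Vulnerable pattern (kept in a comment so it is never compiled):
 *     snprintf(msg, len, filename);    // file name used as the format
 * Any '%' directive in the name is then interpreted by the formatter.
 */

/* Hardened form: the untrusted name is data for a constant format string. */
int build_open_error(char *msg, size_t len, const char *filename)
{
    return snprintf(msg, len, "Could not open '%s'", filename);
}

/* Triage helper: conservatively returns 1 if s contains a '%' that a
 * printf-style formatter would treat as the start of a directive.
 * "%%" is a literal percent sign and does not count. */
int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }   /* escaped percent */
        if (s[1] != '\0')
            return 1;                          /* e.g. "%x", "%n", "%5$s" */
    }
    return 0;
}

int main(void)
{
    /* Constructed sample names, not taken from the advisory. */
    const char *names[] = { "diagram.dia", "100%%.dia", "report%x%n.dia" };
    char msg[128];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        build_open_error(msg, sizeof msg, names[i]);
        printf("%-18s directive=%d  ->  %s\n", names[i],
               has_format_directive(names[i]), msg);
    }
    return 0;
}
```

Building C code with `-Wformat -Wformat-security` makes the compiler flag calls where a non-literal string is passed as the format argument.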


