Releases

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

Donations

Donate to support our development efforts.

Recent updates
apps-extra/pdftk
1.41-4-x86_64
base/yaboot
1.3.14-2-ppc
base/powerpc-utils
1.1.3_22-1-ppc
x11/
 xf86-input-synaptics
0.15.0-1-x86_64
xorg-core/
 xf86-input-synaptics
0.15.0-1-i686
games-extra/tuxmath
1.6.3-1-i686
apps-extra/pdftk
1.41-4-i686
network-extra/
 drupal6-potx
6.x_2.0-1-x86_64
apps/zsh
4.2.7-1-ppc
network-extra/
 drupal6-potx
6.x_2.0-1-i686

RSS
Languages
Change language | Change language | Change language | Change language | Change language | Change language | Change language
Information
Go Frugalware, Go
Valid XHTML 1.0!
Valid CSS!
Valid RSS!
Server information
Uptime:
12 day(s) 7 h 33 m 10 s
FSA424 - comix
Package:comix
Date:2008-04-14
Vulnerable version:3.6.4-1
Unaffected version:3.6.4-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/2923
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568
Description:A vulnerability has been reported in Comix, which can be exploited by malicious people to compromise a user's sytem. The vulnerability is caused due to the improper verification of received filenames when executing the rar, unrar, or jpegtran programs. This can be exploited to execute arbitrary commands via a file containing shell metacharacters within the filename.
© 2003-2008. The Frugalware Developer Team