The Gnumeric spreadsheet contains a number of "plugins". Some of these plugins allow users to define functions in Perl, Python and Guile and export those to the Gnumeric engine. The Guile plugin was exporting a dangerous function that allowed any user to execute arbitrary scheme code. Which means that a gnumeric spredsheet file might have contained malicious code and it would have been executed when Gnumeric evaluates the contents of the cell. To fix this you can either: 1. Upgrade your Gnumeric to a new version of it. 2. You can remove the libgnumguile plugin from the system. best wishes, Miguel
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:02 PDT