Summary: | =media-gfx/graphicsmagick-1.3.7: ltdl.c in libltts to open a .la file in the current working directory (CVE-2009-3736)dl attemp | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Arseny Solokha <asolokha> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | ||||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/ChangeLog | ||||||
Whiteboard: | ~1 [noglsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Arseny Solokha
2009-12-02 11:59:20 UTC
Created attachment 211756 [details, diff]
The fix
This patch upgrades version of libltdl which comes with GraphicsMagick to 2.2.6b.
This patch has been added to the portage tree on January 11, 2009. Should this bug be closed now? GraphicsMagick 1.3.7 has been removed from the Portage tree on February 14, 2010. Newer versions have this bug fixed. This report is quite objectless now and should be closed. Closing NOGLSA, as there never was a stable version. |