First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 246522
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Hanno Boeck <hanno@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 246522 depends on: Show dependency tree
Bug 246522 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-11-12 18:26 0000 
See secunia advisory:
http://secunia.com/Advisories/32651/

We already have 0.6.2 in the tree, so we only need to stabilize it, arch's
cc'ed.

------- Comment #1 From Christian Hoffmann 2008-11-12 22:03:38 0000 ------- 
Arches, please test and stabilize:
  =media-gfx/optipng-0.6.2

Target keywords: alpha amd64 ppc x86

------- Comment #2 From Markus Meier 2008-11-15 10:30:17 0000 ------- 
amd64/x86 stable

------- Comment #3 From Raúl Porcel 2008-11-15 11:47:33 0000 ------- 
alpha stable

------- Comment #4 From Tobias Scherbaum 2008-11-15 18:16:31 0000 ------- 
ppc stable

------- Comment #5 From Stefan Behte 2008-11-18 15:09:35 0000 ------- 
CVE-2008-5101 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5101):
  Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows
  user-assisted attackers to execute arbitrary code via a crafted BMP
  image, related to an "array overflow."

------- Comment #6 From Tobias Heinlein 2008-11-22 17:38:19 0000 ------- 
GLSA request filed.

------- Comment #7 From Robert Buchholz 2008-12-02 17:26:17 0000 ------- 
GLSA 200812-01
First Last Prev Next    No search results available      Search page      Enter new bug