574380 – media-gfx/eog: integer overflow (CVE-2013-7447)

Bug 574380 - media-gfx/eog: integer overflow (CVE-2013-7447)

Summary: media-gfx/eog: integer overflow (CVE-2013-7447)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://bugzilla.gnome.org/show_bug.c...
Whiteboard:
Keywords:

Depends on:	gnome-3.18-stable
Blocks:	CVE-2013-7447
	Show dependency tree

Reported:	2016-02-10 21:50 UTC by Kristian Fiskerstrand (RETIRED)
Modified:	2016-06-12 02:36 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kristian Fiskerstrand (RETIRED) gentoo-dev

2016-02-10 21:50:14 UTC

media-gfx/eog is vulnerable to CVE-2013-7447

See tracking bug for details.

##

kflaptop eog-3.16.3 # grep -r "cairo_pixels" -- *
src/eog-print-preview.c:  guchar *cairo_pixels;
src/eog-print-preview.c:  cairo_pixels = g_malloc (height * cairo_stride);