Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 247365 - dev-tcltk/tkimg contains internal copies of various libraries
Summary: dev-tcltk/tkimg contains internal copies of various libraries
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Sébastien Fabbro (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-11-18 14:06 UTC by Diego Elio Pettenò (RETIRED)
Modified: 2008-12-03 11:28 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Diego Elio Pettenò (RETIRED) gentoo-dev 2008-11-18 14:06:41 UTC 
/usr/lib/Img1.3/libjpegtcl1.0.so contains libjpeg
/usr/lib/Img1.3/libpngtcl1.2.24.so contains libpng
/usr/lib/Img1.3/libtifftcl3.8.2.so contains libtiff
/usr/lib/Img1.3/libzlibtcl1.2.3.so contains zlib

Considering the version in the filename the version of the upstream library, at least libtiff might be vulnerable to GLSA 200809-07, and libpng is most likely vulnerable to GLSA 200804-15 .
Comment 1 Sébastien Fabbro (RETIRED) gentoo-dev 2008-12-03 11:28:15 UTC 
Should be fixed (tkimg-1.3.20081202).