Bug 78384 - media-video/ati-gatos CAN-2005-0016 Arbitrary code execution
Summary: media-video/ati-gatos CAN-2005-0016 Arbitrary code execution
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
: High normal
Assignee: Gentoo Security
URL: http://www.securityfocus.com/archive/...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-01-17 09:43 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2005-01-24 05:06 UTC

See Also:
Package list:
Runtime testing required: ---


Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-17 09:43:39 UTC
Erik Sjölund discovered a buffer overflow in xatitv, one of the
programs in the gatos package, that is used to display video with
certain ATI video cards.  xatitv is installed setuid root in order to
gain direct access to the video hardware.
Comment 2 Chris White (RETIRED) gentoo-dev 2005-01-17 09:51:48 UTC
Lu_zero:

  I believe ati drivers are your walk in the park :).  Mind taking a look at this one?
Comment 3 Luca Barbato gentoo-dev 2005-01-18 23:25:50 UTC
I can't find many references about xatitv.

The gatos ebuild should just provide the driver. We don't even provide the suggested tcl/tk viewer AVview. Not sure if that advisory applies to us or is just Debian only. I'll do further research during the day.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-01-19 01:16:12 UTC
I remember there was another issue in the Debian gatos package some time ago and we finally discovered that it didn't apply to us (not same sources, no xatitv on our side). I remember fetching the Debian package source to check...

So please double-check that we were right last time to drop it, in which case we'll drop it again.
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2005-01-24 05:06:30 UTC
Does not apply to us, much like the old DSA-509-1