Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 112608

Summary: x11-libs/gtk+,media-libs/gdk-pixbuf: Multiple XPM-based flaws
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: jaervosz, leonardop
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.idefense.com/application/poi/display?id=339&type=vulnerabilities
Whiteboard: A2 [glsa] koon
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2005-11-15 07:57:53 UTC
iDEFENSE and others have found issues in XPM processing for gtk+ and gdk-pixbuf.
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-11-15 07:59:13 UTC
leonardop: please commit the fixed ebuilds with corresponding stable keywords to
Portage...

We'll open this one as soon as iDEFENSE publishes.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-11-15 08:01:39 UTC
*** Bug 109853 has been marked as a duplicate of this bug. ***
Comment 3 Leonardo Boshell (RETIRED) gentoo-dev 2005-11-15 08:58:54 UTC
The following ebuilds have been committed, including fixes for these problems:

  gdk-pixbuf-0.22.0-r5.ebuild
  gtk+-2.6.10-r1.ebuild
  gtk+-2.8.6-r1.ebuild

Thanks.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-11-16 04:49:11 UTC
Public in iDEFENSE Security Advisory 11.15.05
Ready for GLSA

arm ia64 and mips should mark gdk-pixbuf-0.22.0-r5 and gtk+-2.6.10-r1 stable
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2005-11-16 07:25:25 UTC
GLSA 200511-14
arm ia64 and mips should mark stable to benefit from GLSA
Comment 6 Hardave Riar (RETIRED) gentoo-dev 2005-11-20 00:33:22 UTC
Stable on mips.