Bug 138672

Summary:	app-emulation/emul-linux-x86-baselibs included libpng is vulnerable
Product:	Gentoo Security	Reporter:	Simon Stelling (RETIRED) <blubb>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	gent_bz
Priority:	High
Version:	unspecified
Hardware:	AMD64
OS:	Linux
Whiteboard:	A2(?) [glsa] jaervosz
Package list:		Runtime testing required:	---
Bug Depends on:	138433, 138736
Bug Blocks:

Description Simon Stelling (RETIRED) gentoo-dev

2006-07-01 02:01:26 UTC

according to bug 138433 media-libs/libpng needs to be updated to version 1.2.12 to fix a buffer overflow, so amd64 has to update its app-emulation/emul-linux-x86-baselibs.

Comment 1 Simon Stelling (RETIRED) gentoo-dev

2006-07-01 02:54:26 UTC

bugzi sucks

Comment 2 Simon Stelling (RETIRED) gentoo-dev

2006-07-01 03:25:42 UTC

emul-linux-x86-baselibs-2.5.1 includes the fixed libpng. I've committed the ebuild to the tree, though as ~amd64, because it is based on 2.5 which was previously ~amd64 and i could only marginally test it, so i'd be glad if someone else could do some more testing and then mark it stable

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-07-01 04:37:09 UTC

Updating status whiteboard.

Comment 4 Simon Stelling (RETIRED) gentoo-dev

2006-07-05 11:37:54 UTC

marked stable and updating status whiteboard to match the one from bug 138433 again

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-07-12 09:58:04 UTC

Lets have a common GLSA with bug #138433.

Comment 6 Thierry Carrez (RETIRED) gentoo-dev

2006-07-19 10:14:56 UTC

Thx everyone, this is in GLSA 200607-06