| Summary: | app-office/abiword 2.4.5 has been released (version bump requested) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Pacho Ramos <pacho> |
| Component: | Auditing | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | enhancement | CC: | fauli, gustavoz, security |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | B2? [noglsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 144120 | ||
| Bug Blocks: | |||
|
Description
Pacho Ramos
2006-07-09 15:21:59 UTC
Revbumped, thanks for the news. Security: The ChangeLog mentions a security bug fix "Fix a security bug that was reported to us by Joxean Koret (thanks a lot!). A stack corruption could be triggered in the toolbar code by loading a document which contained a style with an insanely long name (afftects only Windows and Unix)". It is unclear if this affects the 2.2.x branch (current stable). Please advise. Reassigning to security for a decision Taviso or someone else, please check wether this affects 2.2.x Can we close this bug, because 2.4.5 is getting stabled i have really no detail on this potential issue. BTW, a stack overflow merits a GLSA... anybody knows if 2.2.x was affected or has a link to the patch ? Additionnally, i suggest to remove from the tree the 2.4.x vulnerable versions (x<5). heya sec team, holidays have finished, please vote :) I can't find any details about this issue. So given that impact is unknown I vote NO. OK, so no glsa on this. Is 2.2.x affected ? AMD64 is still with 2.2.11 as the latest stable version. amd64 is done now. Closing with noglsa, feel free to reopen if blabla amd64 is done now. Closing with noglsa, feel free to reopen if blabla |