Summary: | kde-base/kdegraphics-kfile-plugins JPEG-EXIF File Information DoS vulnerability (CVE-2006-6297) | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | normal | CC: | kde | ||||||||
Priority: | High | ||||||||||
Version: | unspecified | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
URL: | http://www.kde.org/info/security/advisory-20061129-1.txt | ||||||||||
Whiteboard: | B3 [glsa] jaervosz | ||||||||||
Package list: | Runtime testing required: | --- | |||||||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-11-22 08:11:14 UTC
Created attachment 102561 [details, diff]
post-3.5.5-kdegraphics.diff
Created attachment 102565 [details]
kdegraphics-kfile-plugins-3.5.5-r1.ebuild
Created attachment 102566 [details]
kdegraphics-3.5.5-r1.ebuild
security liaisons, please test the ebuilds and report here if they can be marked stable, do not commit anything yet target keywords kdegraphics: "alpha amd64 hppa ia64 mips ppc ppc64 sparc x86" kdegraphics-kfile-plugins: "alpha amd64 ia64 ppc ppc64 sparc x86 ~x86-fbsd" I'm getting consistent "The process for the file protocol died unexpectedly" on kde startup with 3.5.5-r1. Any hints on how to debug this? this looks good on ppc64. I'm not getting the message from comment #5. Sorry for the delay. This one is public now. Please commit a fixed ebuild. Ebuilds in tree, enjoy. Thx Diego. Arches please test and mark stable. Target keywords are: kdegraphics-kfile-plugins-3.5.5-r1.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86 ~x86-fbsd" x86 done ppc64 stable Stable on Alpha + ia64. kdegraphics and kdegraphics-kfile-plugins 3.5.5-r1 ppc stable. Looks like kdegraphics has been forgotten ... Thx for the pointer Tobias. Adding back arches to mark kdegraphics-3.5.5-r1 stable. stable on hppa. kdegraphics-3.5.5-r1 stable on Alpha + ia64. Stable on x86 ppc64 stable AMD64 (or rather Intel64 ;)) done. SPARC stable theorically we have to vote on this and i would vote for a GLSA, because kde is so common and it's so easy to trigger... (nearly A3 IMHO in fact) yes++ Another YES vote. GLSA 200701-05 |