| Summary: | x11-misc/xnview XPM File Handling Buffer Overflow (CVE-2007-2194, CVE-2008-0064, CVE-2008-1461) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Lars Hartmann <lars> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | enhancement | CC: | denilsonsa, desktop-misc |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://secunia.com/advisories/24973/ | | |
| Whiteboard: | B2 [maskglsa] | | |
| Package list: | | Runtime testing required: | --- |

Description
Lars Hartmann
2007-04-23 09:08:49 UTC
Maintainers - please provide a fix.

Latest for Linux is 1.70 (http://perso.orange.fr/pierre.g/xnview/endownloadlinux.html), the advisory doesn't state if it's affected. It's a binary package, so we can't just patch it. If it's confirmed in 1.70 for linux-x86 and/or 1.50 for linux-ppc I'm for masking this as this is a second security bug in it (the first one is http://www.gentoo.org/security/en/glsa/glsa-200512-18.xml).

Just mailed upstream to get some info on this.

Any news from upstream?

Any news with this one? According to Secunia there is still no fix available. I'm for p.mask and removal in 14 days.

Upstream should release 1.70.2 which fixes this, but I don't know when. I tried to send another e-mail a few days ago and I'm waiting for an answer. Btw I agree with p.mask until there's a fix available.

+# Krzysiek Pawlik <nelchael@gentoo.org> (01 Jul 2007) +# Masked for security bug #175670. +# Waiting for upstream to provide a fixed version. +# If the fix won't be available the package will be removed. +x11-misc/xnview +

GLSA 200707-06. Thanks everybody.

Some news: http://secunia.com/advisories/28326/

Dercorny, do you know if the XPM issue is fixed in version 1.92?

CVE-2008-1461 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1461): Buffer overflow in XnView 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long filename argument on the command line. NOTE: it is unclear whether there are common handler configurations in which this argument is controlled by an attacker.

Already masked, and maskglsa'd.

The Linux build has not been updated since 2006. Can we remove this?

Not in tree anymore. If upstream doesn't care about updating their binary blob for security, but does updates for the Windows version... why should we care?

Gone.

Gone.

Gone.

Closing since this got maskglsa 200707-06. Thanks, drac.
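
Review bot: The mask comment added for x11-misc/xnview says "If the fix won't be available the package will be removed." but gives no removal date, so nothing in the entry tells a user or a later maintainer when the mask turns into a removal. The thread proposed "removal in 14 days"; stating that deadline in the comment would make the entry actionable. The entry also cites only the bug number; adding the CVE from the bug summary (CVE-2007-2194) or the advisory URL would let someone reading package.mask see which vulnerability the mask covers without opening the bug.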