Summary: | media-gfx/gimp PSD Integer Overflow Vulnerability (CVE-{2007-2949|2006-4519}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hanno, lars, mjf |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2007-06-14 17:37:31 UTC
Friendly reminder: waiting for upstream and please don't commit anything before the 27th. has this been delayed? didn't see a public advisory anywhere. It's public now. http://secunia.com/advisories/25677/ *** Bug 184141 has been marked as a duplicate of this bug. *** gimp 2.2.16 added, archs, please mark stable. security, please make this bug public. A problem is with 2.3.x. Upstream hasn't released an update and it seems that it's more than just one integer overflow (and they aren't documented properly). I think we can just wait for a new 2.3.x-release. ppc64 stable Stable for HPPA. x86 stable alpha/ia64 stable sparc stable. amd64 stable ppc stable, ready for GLSA. *** Bug 184782 has been marked as a duplicate of this bug. *** GLSA 200707-09 mips stable. |