Summary: | media-libs/libpng<1.2.34 png_check_keyword memory overwrite (CVE-2008-5907) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://openwall.com/lists/oss-security/2009/01/09/1 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2009-01-17 00:47:28 UTC
base-system: can this go stable? The summary is misleading as it includes version 1.2.34 which seems to be unaffected. Thanks, fixed. ive seen no regressions with 1.2.34 ... it's fine to stabilize Arches, please test and mark stable: =media-libs/libpng-1.2.34 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" Sparc stable (I've been using it with no problems for 3 or 4 weeks now). ppc stable Stable on alpha. amd64/x86 stable Stable for HPPA. ppc64 done ia64: *ping* GLSA together with bug 244808. ia64 stable Redhat is disputing this issue: http://thread.gmane.org/gmane.comp.security.oss.general/1375 GLSA 200903-28 |