Summary: | <media-gfx/xfig-3.2.5c: multiple vulnerabilities (CVE-2009-{4227,4228}) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | gentoo, pva |
Priority: | High | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=543905 | | |
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=634320 | | |
Whiteboard: | B2 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2009-12-18 01:24:33 UTC
CVE-2009-4228 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4228): Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.

CVE-2009-4227 is fixed in 3.2.5b and stabilization I guess will happen in bug 264575.

CVE-2009-4228 - iiuc Red Hat states fortify features should help us to avoid that problem, but still there is no patch for that issue.

treecleaners:

- This package is using imake (bug 289296)
- Doesn't compile against vanilla libpng 1.4 (bug 308437)
- Is vulnerable (this bug)

No way, I'm maintaining that package. imake is not a bug. If you have bugs, file them and assign them to me.

Is this bug still valid?

CVE-2009-4228 is fixed in Xfig 3.2.5c [1]

[1] - http://xfig.org/art17.html

Maintainers, can we proceed to stabilize =media-gfx/xfig-3.2.5c ? Thanks

Yes, go ahead with stabilization:

=media-gfx/transfig-3.2.5e
=media-gfx/xfig-3.2.5c

Stable for HPPA.

Builds and runs fine on x86. Rdeps build fine as well. Please mark stable for x86

amd64 stable

x86 stable

ppc stable

ppc64 stable

Stable on alpha.

sparc stable.

Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.

GLSA has been drafted and is ready for peer-review.

Cleanup done.

This issue was resolved and addressed in GLSA 201412-14 at http://security.gentoo.org/glsa/glsa-201412-14.xml by GLSA coordinator Sean Amoss (ackle).