Summary: | <media-gfx/argyllcms-1.4.0 icclib Use-After-Free handling error (CVE-2012-1616) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Harrison <n0idx80> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | dilfridge, mikemol |
Priority: | Normal | Keywords: | STABLEREQ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/48921 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Harrison
2012-05-20 18:48:18 UTC
Per Dilfridge via IRC: May also affect ghostscript-gpl because it bundles icclib (In reply to comment #1) > Per Dilfridge via IRC: > May also affect ghostscript-gpl because it bundles icclib See bug 206893 for details and progress on this. The icclib in ghostscript is quite old but may carry local fixes. This may help as well: http://www.argyllcms.com/icc_readme.html Andreas, are we ok to stabilize =media-gfx/argyllcms-1.4.0? Tnx. (In reply to comment #3) > This may help as well: http://www.argyllcms.com/icc_readme.html > > Andreas, are we ok to stabilize =media-gfx/argyllcms-1.4.0? Tnx. Sure, go ahead. Great, thanks. Arches, please test and mark stable: =media-gfx/argyllcms-1.4.0 Target keywords : "amd64 x86" *** Bug 416837 has been marked as a duplicate of this bug. *** amd64 stable x86 stable Vulnerable argyllcms version removed from the tree. Thanks everyone GLSA request filed. This issue was resolved and addressed in GLSA 201206-04 at http://security.gentoo.org/glsa/glsa-201206-04.xml by GLSA coordinator Sean Amoss (ackle). |