Summary: | <media-libs/gd-2.1.1: buffer read overflow in gd_gif_in.c (CVE-2014-9709) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled, vapier |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43 | ||
See Also: |
https://bugzilla.redhat.com/show_bug.cgi?id=1188639 https://bugs.gentoo.org/show_bug.cgi?id=549978 |
||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2015-02-03 16:32:11 UTC
gd-2.1.1 is in the tree now, but will want to give it time to bake fine to stabilize 2.1.1-r1 amd64 : ok (builds) Couldn`t test functionality. amd64 stable x86 stable Stable for HPPA PPC64. ppc stable sparc stable arm stable alpha stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. Also probably does not matter since in bug 571690 a newer version is stabilized, but arm was never marked as stable for this version in tree. Maintainer(s), please drop the vulnerable version(s). old versions removed. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13f429c8a0b8dd1d56e98c84108a20b5b5db9d6f Arches and Maintainer(s), Thank you for your work. This issue was resolved and addressed in GLSA 201607-04 at https://security.gentoo.org/glsa/201607-04 by GLSA coordinator Aaron Bauman (b-man). |