Summary: | <media-gfx/optipng-0.7.5-r1: buffer overflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sping, tristan |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/09/23/4 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 579030 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-09-30 07:05:14 UTC
# git show --stat | sed 's,@gentoo.org,@g.o,' commit e64498a11278374b3ea04983586a0ab8f599406e Author: Sebastian Pipping <sping@g.o> Date: Sun Oct 11 21:10:43 2015 +0200 media-gfx/optipng: Apply upstream patch for bug #561882 Package-Manager: portage-2.2.23 .../optipng/files/optipng-0.7.5-gifread.patch | 12 +++++ media-gfx/optipng/optipng-0.7.5-r1.ebuild | 57 ++++++++++++++++++++++ 2 files changed, 69 insertions(+) (In reply to Agostino Sarubbo from comment #0) > @maintainer(s): after the bump, in case we need to stabilize the package, > please let us know if it is ready for the stabilization or not. Green for stabilization from my side. Upstream bug report has been marked publicly readable in the mean time: http://sourceforge.net/p/optipng/bugs/53/ How about cleaning the tree? (In reply to Justin Lecher from comment #3) > How about cleaning the tree? No objections. New GLSA requested. Cleaned: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77b8e49e04cd340ccc573b437e7c7b15893d5978 This issue was resolved and addressed in GLSA 201608-01 at https://security.gentoo.org/glsa/201608-01 by GLSA coordinator Yury German (BlueKnight). |