Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 574374

Summary: <x11-libs/gtk+--2.24.31: is vulnerable to CVE-2013-7447
Product: Gentoo Security Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: gnome
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.gnome.org/show_bug.cgi?id=703220
Whiteboard: B3 [noglsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 587010    
Bug Blocks: 574372    

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-10 21:38:37 UTC 
x11-libs/gtk+:2 is vulnerable to CVE-2013-7447

See tracking bug for details.

kflaptop gtk+-2.24.28 # grep -r "cairo_pixels" -- *
gdk/gdkcairo.c:  guchar *cairo_pixels;
gdk/gdkcairo.c:  cairo_pixels = g_malloc (height * cairo_stride);
Comment 1 Gilles Dartiguelongue (RETIRED) gentoo-dev 2016-10-08 20:32:55 UTC 
This is resolved in gtk+-2.24.31 which is being stabilized in bug #587010.
Comment 2 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 16:30:13 UTC 
ping

Seems like gtk+ is ok now. Are we ready to close this report?

Thank you,

ChrisADR
Comment 3 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-11-14 02:02:56 UTC 
GLSA Vote: No

Thank you