Summary: | <media-libs/jbig2dec-0.13-r1: Heap-buffer overflow due to Integer overflow in jbig2_image_new function | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | Flags: | stable-bot:
sanity-check+
|
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: |
=media-libs/jbig2dec-0.13-r1
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 545234 |
Description
Thomas Deutschmann (RETIRED)
2017-01-25 15:01:26 UTC
According to https://bugs.ghostscript.com/show_bug.cgi?id=697457#c12 upstream is planning release not before March 2017. That's why we are asking maintainer(s) for cherry-picking. Arches please test and stabilize, target all stable arches =media-libs/jbig2dec-0.13-r1 An automated check of this bug failed - the following atom is unknown: media-libs/jbig2dec-0.13-r1 Please verify the atom list. Stable on alpha. Stable for HPPA. amd64 stable x86 stable ppc64 stable. ppc stable sparc stable arm stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Vulnerable versions removed Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. Nothing to do for graphics here anymore. This issue was resolved and addressed in GLSA 201706-24 at https://security.gentoo.org/glsa/201706-24 by GLSA coordinator Kristian Fiskerstrand (K_F). |