Summary: | <x11-libs/libXcursor-1.1.15: Heap overflows when parsing malicious files | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | x11 |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://marc.info/?l=freedesktop-xorg-announce&m=151188036018262&w=2 | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: |
=x11-libs/libXcursor-1.1.15
|
Runtime testing required: | --- |
Description
Ian Zimmerman
2017-11-28 15:59:53 UTC
Thanks for the report Ian. @maintainter(s): after bump, please call for stabilization when ready, thank you. Gentoo Security Padawan (jmbailey/mbailey_j) Now in tree. Please proceed with stabilization. amd64 stable x86 stable sparc stable (thanks to Rolf Eike Beer) Stable on alpha. hppa/ia64/ppc/ppc64 stable arm stable, all arches done. Thank you A/Ts, maintainter(s), please cleanup. Gentoo Security Padawan (Jmbailey/mbailey_j) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=301bb79cee5d82e534147d942089cabaf940a3d8 commit 301bb79cee5d82e534147d942089cabaf940a3d8 Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2018-01-05 18:50:13 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2018-01-05 18:50:29 +0000 x11-libs/libXcursor: Drop vulnerable version Bug: https://bugs.gentoo.org/639062 x11-libs/libXcursor/Manifest | 1 - x11-libs/libXcursor/libXcursor-1.1.14.ebuild | 22 ---------------------- 2 files changed, 23 deletions(-)} New GLSA request filed. This issue was resolved and addressed in GLSA 201801-04 at https://security.gentoo.org/glsa/201801-04 by GLSA coordinator Aaron Bauman (b-man). |