| Summary: | <media-gfx/icoutils-0.32.2: two invalid memory reads | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | patrick |
| Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | B3 [noglsa] | ||
| Package list: |
media-gfx/icoutils-0.32.2
|
Runtime testing required: | --- |
|
Description
Hanno Böck
2018-02-12 09:16:22 UTC
My original report wasn't entirely accurate. The first bug (52313) is already fixed in 0.31.1, the second (52308) had an incomplete fix in 0.31.1 and a proper fix in 0.32.2. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a0f54022a1bdeef5ab546845376d53867ff112fa commit a0f54022a1bdeef5ab546845376d53867ff112fa Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2018-02-12 09:29:18 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2018-02-12 09:29:39 +0000 media-gfx/icoutils: Security bump to version 0.32.2 Bug: https://bugs.gentoo.org/647378 Package-Manager: Portage-2.3.24, Repoman-2.3.6 media-gfx/icoutils/Manifest | 1 + media-gfx/icoutils/icoutils-0.32.2.ebuild | 49 +++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+)} @Arches please test and mark stable 0.32.2 Thank you x86 stable amd64 stable ppc stable. all arches stable Thank you all, GLSA Vote: No. |
