Summary: | <media-gfx/gif2png-2.5.14: Memory leak in writefile() (CVE-2019-17371) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled, maintainer-needed, sam |
Priority: | Normal | Keywords: | CC-ARCHES |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=688702 https://bugs.gentoo.org/show_bug.cgi?id=724518 |
||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
media-gfx/gif2png-2.5.14
|
Runtime testing required: | --- |
Bug Depends on: | 688702 | ||
Bug Blocks: |
Description
GLSAMaker/CVETool Bot
2020-04-17 21:28:53 UTC
It might just be simpler to package the Go port if the test failure is reproducible: bug 724518. x86 stable amd64 stable Looking good on ppc64. # cat gif2png-717948.report USE tests started on Do 4. Mär 19:35:18 CET 2021 FEATURES=' test' USE='' succeeded for =media-gfx/gif2png-2.5.14 USE='' succeeded for =media-gfx/gif2png-2.5.14 Looking good on ppc. # cat gif2png-717948.report USE tests started on Sa 6. Mär 19:27:20 CET 2021 FEATURES=' test' USE='' succeeded for =media-gfx/gif2png-2.5.14 USE='' succeeded for =media-gfx/gif2png-2.5.14 (In reply to ernsteiswuerfel from comment #5) > Looking good on ppc. > > # cat gif2png-717948.report > USE tests started on Sa 6. Mär 19:27:20 CET 2021 > > FEATURES=' test' USE='' succeeded for =media-gfx/gif2png-2.5.14 > USE='' succeeded for =media-gfx/gif2png-2.5.14 ppc, ppc64 stable, thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=364b7b9d9ca03d1f29826e4a9dbc799da17412e1 commit 364b7b9d9ca03d1f29826e4a9dbc799da17412e1 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-03-16 19:28:31 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-03-16 19:55:45 +0000 media-gfx/gif2png: drop 2.5.9, 2.5.12 Bug: https://bugs.gentoo.org/717948 Signed-off-by: Sam James <sam@gentoo.org> media-gfx/gif2png/Manifest | 2 -- .../gif2png/files/gif2png-2.5.12-makefile.patch | 42 ---------------------- media-gfx/gif2png/gif2png-2.5.12.ebuild | 37 ------------------- media-gfx/gif2png/gif2png-2.5.9.ebuild | 19 ---------- 4 files changed, 100 deletions(-) |