|Summary:||x11-libs/lesstif Xpm lib vulnerable to CAN-2004-0914|
|Product:||Gentoo Security||Reporter:||Thierry Carrez (RETIRED) <koon>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Package list:||Runtime testing required:||---|
Description Thierry Carrez (RETIRED) 2005-01-18 02:34:58 UTC
Extracts from bug 71642: ===================================================================== libXpm is a library for manipulating pixmaps used by the X Window System. After the release of the X11R6.8.1 security release, a more extensive security audit was made. Several integer overflows and out-of-bounds memory accesses have been identified and fixed, a path traversal has been fixed and shell command execution has been made more secure. This new fix also addresses possible endless loops and memory leaks. These vulnerabilities may allow an application linking against libXpm to crash, to become unusable, or to execute other code of a user running an application linked against libXpm. All X.Org release up to and including R6.8.1 are vulnerable. Products like XFree86, lesstif and OpenMotif, which include libXpm are likely to be affected. ============================================================ This is something we should verify.
Comment 1 Stefan Cornelius (RETIRED) 2005-01-19 08:25:48 UTC
CAN-2004-0914 patch needs to be applied. In file lesstif-0.93.97/lib/Xm-2.1/Xpm.c are unpatched functions so I think lesstif vulnerable and has to be fixed, too. For example right at the start: LFUNC(FreeOldColorTable, void, (XpmColor **colorTable, int ncolors)); should be LFUNC(FreeOldColorTable, void, (XpmColor **colorTable, unsigned int ncolors));
Comment 2 Sune Kloppenborg Jeppesen 2005-01-19 10:56:10 UTC
Heinrich you did the last security bump, please advise.
Comment 3 Thierry Carrez (RETIRED) 2005-01-27 05:39:41 UTC
lesstiff 0.94 fixes all the Xpm thingies. A bump to that version will solve this bug.
Comment 4 Heinrich Wendel (RETIRED) 2005-02-01 10:31:16 UTC
lessitf-0.94.0 is now in portage
Comment 5 Matthias Geerdsen (RETIRED) 2005-02-01 13:20:09 UTC
arches, pls test and mark stable... lesstif-0.94.0-r1.ebuild: current KEYWORDS="~x86 ~ppc ~sparc ~amd64 ~ppc64 ~hppa ~alpha ~ppc-macos" target KEYWORDS="x86 ppc sparc amd64 ppc64 hppa ~alpha ppc-macos"
Comment 6 Heinrich Wendel (RETIRED) 2005-02-01 14:06:25 UTC
use lesstif-0.94.0.ebuild for now, -r1 is hardmasked to switch to virtual/motif later
Comment 7 Heinrich Wendel (RETIRED) 2005-02-01 14:07:20 UTC
stable on x86 and amd64
Comment 8 Olivier Crete (RETIRED) 2005-02-01 14:18:30 UTC
removing x86 too since lanius marked it..
Comment 9 Jason Wever (RETIRED) 2005-02-02 04:17:35 UTC
Comment 10 Markus Rothe (RETIRED) 2005-02-02 11:48:54 UTC
stable on ppc64
Comment 11 Michael Hanselmann (hansmi) (RETIRED) 2005-02-04 15:48:56 UTC
Stable on ppc. Sorry for the delay.
Comment 12 Thierry Carrez (RETIRED) 2005-02-06 13:12:38 UTC
GLSA 200502-06 hppa, ppc-macos: please mark stable to benefit from GLSA
Comment 13 René Nussbaumer (RETIRED) 2005-06-26 05:43:00 UTC
Already stable on hppa