| Summary: | media-libs/cimg: memory leak | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Filip Kobierski <fkobi> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | UNCONFIRMED --- | ||
| Severity: | trivial | CC: | ajak, fkobi, maintainer-needed |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://github.com/eddieantonio/imgcat/issues/49 | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=939030 | ||
| Whiteboard: | ~4 [ebuild/upstream] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Filip Kobierski
2024-09-04 07:35:25 UTC
I see no references to this issue in the cimg repository. It looks like this was never reported there and we can't be sure if this is fixed somewhere. Filip: you claim that your PR fixes this, can you explain how this is fixed? Ping, fkobi? I'll admit, I was going by repology's CVE list https://repology.org/project/cimg/cves My PR was not fixing the issue within the code but dropping the effected version. This was registered as an issue with imgcat which said that it's a problem with cimg. I do not see the issue mentioned in cimg's repo... I think this CVE is messy and I would be willing to close this bug. There's no hard definition of what causes the bug, just a report of something going wrong. If we don't know what's wrong how can we know it is fixed? (In reply to Filip Kobierski from comment #3) > This was registered as an issue with imgcat which said that it's a problem > with cimg. I do not see the issue mentioned in cimg's repo... > I think this CVE is messy and I would be willing to close this bug. > There's no hard definition of what causes the bug, just a report of something > going wrong. If we don't know what's wrong how can we know it is fixed? The cimg person/people would be the people best able to figure out what's really wrong, if anything. |
