Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 179162 - app-emulation/emul-linux-x86-java-1.6*: internal copy of libpng is vulnerable to CVE-2006-5793
Summary: app-emulation/emul-linux-x86-java-1.6*: internal copy of libpng is vulnerable...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
URL: http://bugs.sun.com/bugdatabase/view_...
Whiteboard: ~3 [noglsa]
Keywords:
Depends on: 178575
Blocks: java-security
  Show dependency tree
 
Reported: 2007-05-19 22:31 UTC by Sune Kloppenborg Jeppesen
Modified: 2014-06-10 23:50 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen gentoo-dev 2007-05-19 22:31:40 UTC
+++ This bug was initially created as a clone of Bug #178575 +++

As per summary, with the disclosure of OpenJDK sources we can confirm that the libpng copy on it is not patched to fix the vulnerability in summary (CVE-2006-5793), which makes its splashscreen support vulnerable to that issue.
Comment 1 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2007-06-01 07:44:29 UTC
app-emulation/emul-linux-x86-java-1.6* is not stable
Comment 2 Sune Kloppenborg Jeppesen gentoo-dev 2007-06-01 11:04:32 UTC
Eventhough it's not stable it should still be fixed but we won't release a GLSA about it.
Comment 3 Sune Kloppenborg Jeppesen gentoo-dev 2007-08-21 06:17:39 UTC
Caster any news on this one?
Comment 4 Sune Kloppenborg Jeppesen gentoo-dev 2007-11-07 19:53:43 UTC
Caster any news on this one?
Comment 5 Mike Doty (RETIRED) gentoo-dev 2007-11-14 05:02:22 UTC
seems like amd64 isn't needed on this bug yet?  please re-add us when you do.
Comment 6 Sean Amoss gentoo-dev Security 2014-06-10 23:50:22 UTC
app-emulation/emul-linux-x86-java-1.6* is gone and users were advised to update in GLSA 201401-30