Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 574374 - <x11-libs/gtk+--2.24.31: is vulnerable to CVE-2013-7447
Summary: <x11-libs/gtk+--2.24.31: is vulnerable to CVE-2013-7447
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa cve]
Depends on: gnome-3.20-stable
Blocks: CVE-2013-7447
  Show dependency tree
Reported: 2016-02-10 21:38 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2017-11-14 02:04 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-10 21:38:37 UTC
x11-libs/gtk+:2 is vulnerable to CVE-2013-7447

See tracking bug for details.

kflaptop gtk+-2.24.28 # grep -r "cairo_pixels" -- *
gdk/gdkcairo.c:  guchar *cairo_pixels;
gdk/gdkcairo.c:  cairo_pixels = g_malloc (height * cairo_stride);
Comment 1 Gilles Dartiguelongue (RETIRED) gentoo-dev 2016-10-08 20:32:55 UTC
This is resolved in gtk+-2.24.31 which is being stabilized in bug #587010.
Comment 2 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 16:30:13 UTC

Seems like gtk+ is ok now. Are we ready to close this report?

Thank you,

Comment 3 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-11-14 02:02:56 UTC
GLSA Vote: No

Thank you