Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 574376 - <media-gfx/eom-1.10.5-r2: integer overflow (CVE-2013-7447)
Summary: <media-gfx/eom-1.10.5-r2: integer overflow (CVE-2013-7447)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/mate-desktop/eom/i...
Whiteboard: B3 [noglsa]
Keywords:
Depends on: 579644
Blocks: CVE-2013-7447
  Show dependency tree
 
Reported: 2016-02-10 21:44 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2017-01-01 11:45 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-10 21:44:17 UTC
media-gfx/eom is vulnerable to CVE-2013-7447

See tracking bug for details.

##
kflaptop eom-1.8.0 # grep -r "cairo_pixels" -- *
src/eom-print-preview.c:  guchar *cairo_pixels;
src/eom-print-preview.c:  cairo_pixels = g_malloc (height * cairo_stride);
Comment 1 Adam Feldman gentoo-dev 2016-05-11 01:16:32 UTC
Fixed in 1.10.5-r2 in 78f56defd00d1056babb584f8fec806b1c60c329.  Not fixing 1.8.x.  Planning on dropping that as soon as 1.10.x is stabilized.  Marking this bug dependent on that stabilization.
Comment 2 Adam Feldman gentoo-dev 2016-08-06 14:38:09 UTC
Vulnerable versions no longer in tree.