Description: "Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32."
https://sourceforge.net/p/libpgf/code/147/ https://sourceforge.net/p/libpgf/code/148/ https://www.openwall.com/lists/oss-security/2015/08/25/9
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40d291110ed8c416b4520e2abf0f194d5bab91c9 commit 40d291110ed8c416b4520e2abf0f194d5bab91c9 Author: Jakov Smolic <jakov.smolic@sartura.hr> AuthorDate: 2020-09-29 07:36:45 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-10-07 19:01:20 +0000 media-libs/libpgf: bump to 7.19.3 Bug: https://bugs.gentoo.org/745165 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr> Closes: https://github.com/gentoo/gentoo/pull/17708 Signed-off-by: Sam James <sam@gentoo.org> media-libs/libpgf/Manifest | 1 + media-libs/libpgf/libpgf-7.19.3.ebuild | 38 ++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+)
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please vote.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cefaa08227c16dfccade431fb8fb89eaa2dade59 commit cefaa08227c16dfccade431fb8fb89eaa2dade59 Author: Jakov Smolic <jakov.smolic@sartura.hr> AuthorDate: 2020-10-13 10:05:34 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2020-10-13 13:11:48 +0000 media-libs/libpgf: security cleanup Bug: https://bugs.gentoo.org/745165 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr> Closes: https://github.com/gentoo/gentoo/pull/17911 Signed-off-by: Joonas Niilola <juippis@gentoo.org> media-libs/libpgf/Manifest | 1 - media-libs/libpgf/libpgf-6.12.27.ebuild | 40 --------------------------------- 2 files changed, 41 deletions(-)
GLSA Vote: No Repository is clean, all done!
