With an unsigned i a buffer overflow will occur in loops like for( i-- >= 0) { copy something }. Original Patch can be found on bug 83598, though it might require adaptation.
*** Bug 83656 has been marked as a duplicate of this bug. ***
Patch for lesstif (http://bugs.gentoo.org/attachment.cgi?id=52465&action=view) applies to 2.2.3 and 2.1.30 : $ cd openMotif-2.2.3/lib/Xm $ patch -p3 < ~/lesstif-CAN-2005-0605.patch patching file Xpmscan.c Hunk #1 succeeded at 594 (offset -78 lines). Hunk #2 succeeded at 606 (offset -78 lines). patching file Xpmcreate.c Hunk #1 succeeded at 1171 (offset -94 lines). $ cd motif/lib/Xm $ patch -p3 < ~/lesstif-CAN-2005-0605.patch patching file Xpmscan.c Hunk #1 succeeded at 589 (offset -83 lines). Hunk #2 succeeded at 601 (offset -83 lines). patching file Xpmcreate.c Hunk #1 succeeded at 1166 (offset -99 lines).
applied in openmotif-2.2.3-r3 and openmotif-2.1.30-r9, please test these (not openmotif-2.2.3-r4 and openmotif-2.1.30-r10!!!!!)
Arches, please test and mark stable openmotif-2.2.3-r3 and openmotif-2.1.30-r9 (and not the revision above).
done for amd64/x86
stable on ppc64
Stable on ppc.
Stable ppc-macos.
Stable on SPARC.
Stable on alpha.
GLSA 200503-08 arm hppa ia64 mips: please mark stable to benefit from GLSA
Stable on mips.
Already stable on hppa