From ${URL} : An integer underflow flaw was found in pixman when handling trapezoids. If an application used pixman opened a crafted document, it could cause the application to crash. References: http://seclists.org/oss-sec/2013/q4/399 https://bugs.freedesktop.org/show_bug.cgi?id=67484 https://bugs.freedesktop.org/attachment.cgi?id=87925 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arches, please test and mark stable: =x11-libs/pixman-0.32.4 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Stable for HPPA.
amd64 stable
x86 stable
ppc stable
ppc64 stable
arm stable
alpha stable
sparc stable
ia64 stable. glsa request filed. Maintainer(s), please cleanup.
Old versions dropped.
CVE-2013-6425 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6425): Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
This issue was resolved and addressed in GLSA 201402-03 at http://security.gentoo.org/glsa/glsa-201402-03.xml by GLSA coordinator Mikle Kolyada (Zlogene).
