"1) CVE-2022-46285: Infinite loop on unclosed comments 2) CVE-2022-44617: Runaway loop on width of 0 and enormous height 3) CVE-2022-4883: compression commands depend on $PATH" Please bump to 3.5.15.
ping. I did take a look at this but couldn't do it myself as was unsure what to do wrt new config options.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=414462335909ac1cdfa276058238304228c7b129 commit 414462335909ac1cdfa276058238304228c7b129 Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2023-04-17 20:33:54 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2023-04-17 20:34:56 +0000 x11-libs/libXpm: Version bump to 3.5.16 Bug: https://bugs.gentoo.org/891209 Signed-off-by: Matt Turner <mattst88@gentoo.org> x11-libs/libXpm/Manifest | 1 + x11-libs/libXpm/libXpm-3.5.16.ebuild | 41 ++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+)
commit 08bafdc67f518b3159d0ae291d6a8bfe29f95213 Author: Matt Turner <mattst88@gentoo.org> Date: Mon Jun 5 11:30:22 2023 -0400 x11-libs/libXpm: Drop old versions
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d249388c2be16bdcae27a37364e00167f2e41221 commit d249388c2be16bdcae27a37364e00167f2e41221 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-07 05:22:06 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-07 05:22:24 +0000 [ GLSA 202408-03 ] libXpm: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/891209 Bug: https://bugs.gentoo.org/915130 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-03.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+)