[Bug 19702] CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code
bugzilla-daemon at bugzilla.ubuntu.com
bugzilla-daemon at bugzilla.ubuntu.com
Sun Nov 20 22:02:26 UTC 2005
Please do not reply to this email. You can add comments at
http://bugzilla.ubuntu.com/show_bug.cgi?id=19702
Ubuntu | gtk+2.0
------- Additional Comments From debzilla at ubuntu.com 2005-11-20 22:02 UTC -------
Message-ID: <20051120210918.GB25623 at bugs.debian.org>
Date: Sun, 20 Nov 2005 22:09:18 +0100
From: Loic Minier <lool at dooz.org>
To: Steve Kemp <skx at debian.org>
Cc: Moritz Muehlenhoff <jmm at inutil.org>, 339431 at bugs.debian.org,
team at security.debian.org, control at bugs.debian.org
Subject: Re: Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code
tags 339431 + pending patch
thanks
Hi,
Sorry for the delay. You can grab the proposed fixes in:
<http://people.dooz.org/~lool/debian/gtk-gdk-cves.tgz> (87M)
MD5: 56148df50af6e28beaca57e4fa3bf6cc
I found the vulnerability matrix by Moritz Muehlenhoff useful:
Woody gtk2 Woody gdk-pixbuf Sarge gtk2 Sarge gdk-pix=
buf
CVE-2005-2975 1170 284 1170 284
CVE-2005-2976 1317 413 ---- 413
CVE-2005-3186 1255 359 1256 359
Fixed-in: 2.0.2-5woody2.1 0.17.0-2woody2.1 2.6.4-3.1 0.22.0-8.1
Let me know if you have issues with this.
Cheers,
--=20
Lo=EFc Minier <lool at dooz.org>
--
Configure bugmail: http://bugzilla.ubuntu.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the desktop-bugs
mailing list