Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 150040 - CAN-2005-0605 XPM buffer overflow
Summary: CAN-2005-0605 XPM buffer overflow
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: xorg-x11
Version: 3
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: X/OpenGL Maintenance List
QA Contact: David Lawrence
URL:
Whiteboard: impact=moderate,public=20050301,sourc...
Depends On:
Blocks: FC3Update
TreeView+ depends on / blocked
 
Reported: 2005-03-01 21:25 UTC by Josh Bressers
Modified: 2008-01-28 16:18 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-04-05 14:08:33 UTC


Attachments (Terms of Use)

Description Josh Bressers 2005-03-01 21:25:32 UTC
+++ This bug was initially created as a clone of Bug #150036 +++

A potential buffer overflow from the use of unsigned integers has been found in
the XPM processing library of xorg.

https://bugs.freedesktop.org/show_bug.cgi?id=1920

Comment 1 Josh Bressers 2005-03-01 21:27:48 UTC
This should also affect FC2

Comment 2 Mike A. Harris 2005-03-07 01:03:47 UTC
Adding to FC3Update tracker

Comment 3 Mark J. Cox 2005-03-21 11:31:58 UTC
setting to moderate severity since only a subset of applications are affected by
this, and many of those do not parse untrusted xpm files.  Applications like the
gimp and others have their own xpm implementations.

Comment 4 Kristian Høgsberg 2005-04-05 14:08:33 UTC
Security updates for FC2 and FC3 have been issued:

  https://www.redhat.com/archives/fedora-announce-list/2005-March/msg00086.html
  https://www.redhat.com/archives/fedora-announce-list/2005-March/msg00085.html

Closing bug.


Note You need to log in before you can comment on or make changes to this bug.