Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 235416 - CVE-2004-1025, CVE-2004-1026: imlib integer/buffer overflows
Summary: CVE-2004-1025, CVE-2004-1026: imlib integer/buffer overflows
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: imlib
Version: 6
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Paul Howarth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-05 16:43 UTC by Ville Skyttä
Modified: 2014-10-09 18:40 UTC (History)
3 users (show)

Fixed In Version: 1.9.15-2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-05-02 15:40:26 UTC


Attachments (Terms of Use)

Description Ville Skyttä 2007-04-05 16:43:43 UTC
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-1025
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-1026

These two old issues appear to be still present in FE6 (1.9.13-*) and devel
(1.9.15-*) imlib packages.  Bug 138516 contains a test case XPM as well as a
patch which should fix these issues.

Comment 1 Paul Howarth 2007-04-10 17:15:42 UTC
It is unfortunate that the security fixes that went into RHEL4 in November 2004
didn't make it into the Fedora Core package at that time.

I've verified that the test pixmap crashes the current imblib (using qiv) and
that the patch from Bug #138516 fixes it.

I've now incorporated that patch in that bug into the 1.9.15-2 package on devel,
and updated FC-6 from 1.9.13-* to 1.9.15-2, which I believe will resolve this
problem for FC-6 onwards. FC-5 (1:1.9.13-27) is probably still vulnerable.
According to comment #2 in Bug #138522 FC-4 included a fix but I've just tried
the test pixmap and it crashes qiv on an FC-4 box.


Comment 2 Matthew Miller 2007-04-10 17:50:21 UTC
> It is unfortunate that the security fixes that went into RHEL4 in November 2004
> didn't make it into the Fedora Core package at that time.

Sadly, this is a perennial problem with Fedora. :(


Note You need to log in before you can comment on or make changes to this bug.