On Wed, Nov 16, 2005 at 11:33:35PM +0100, Moritz Muehlenhoff wrote:
> Debian Bug Tracking System wrote:
> > Changes:
> >  gdk-pixbuf (0.22.0-11) unstable; urgency=high
> >  .
> >   * Fix for integer overflows in io-xpm.c which could be exploited to execute
> >     arbitrary code (CVE-2005-2975 and CVE-2005-2976 from
> >     https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171900)
> >     and Fix for endless loop in io-xpm.c which could cause applications to
> >     hang (CVE-2005-3186 from
> >     https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171071)
> >     (closes: #339458)
>
> Just for the record; the CVE mappings are not correct:
> The "DoS through endless loop" issue is CVE-2005-2975, the "n_col" integer overflow
> is CVE-2005-3186 and the "pixels" integer overflow is CVE-2005-2976.

My CVE mappings are based on the redhat bugs where I took the patches from.