Torsten Schönfeld wrote (28 Jan 2015 16:06:33 GMT) : > intrigeri <intrigeri+deb...@boum.org>: >> Brian Manning wrote (28 Jan 2015 02:10:23 GMT) : >> > Overview of changes in Gtk2 1.2495 (stable) [2015-01-27] >> > ======================================================== >> >> > * Fix incorrect memory management in Gtk2::Gdk::Display::list_devices >> >> Did that bug have any security implication?
> The code was freeing memory that gtk+ still holds onto and might access > later. So, > yes, it is conceivable that this can be exploited. Thanks. I've not seen a CVE request on oss-security (could have missed it, though). Will it be allocated in another way, e.g. from the Red Hat pool? A CVE would help distros a lot. Cheers, -- intrigeri _______________________________________________ gtk-perl-list mailing list gtk-perl-list@gnome.org https://mail.gnome.org/mailman/listinfo/gtk-perl-list
