Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-21 Thread Martin Schulze
Loic Minier wrote: > On Mon, Nov 21, 2005, Martin Schulze wrote: > > > I found the vulnerability matrix by Moritz Muehlenhoff useful: > > > Woody gtk2 Woody gdk-pixbuf Sarge gtk2 Sarge > > > gdk-pixbuf > > > CVE-2005-2975 1170 284 1170 284 >

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-20 Thread Loic Minier
On Mon, Nov 21, 2005, Martin Schulze wrote: > > I found the vulnerability matrix by Moritz Muehlenhoff useful: > > Woody gtk2 Woody gdk-pixbuf Sarge gtk2 Sarge gdk-pixbuf > > CVE-2005-2975 1170 284 1170 284 > > CVE-2005-2976 1317 41

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-20 Thread Martin Schulze
Loic Minier wrote: > Sorry for the delay. You can grab the proposed fixes in: > (87M) > MD5: 56148df50af6e28beaca57e4fa3bf6cc Thanks a lot! Packages are building already. > I found the vulnerability matrix by Moritz Muehlenhoff u

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-20 Thread Loic Minier
tags 339431 + pending patch thanks Hi, Sorry for the delay. You can grab the proposed fixes in: (87M) MD5: 56148df50af6e28beaca57e4fa3bf6cc I found the vulnerability matrix by Moritz Muehlenhoff useful: Woo

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Moritz Muehlenhoff
Loic Minier wrote: > The Redhat security advisory also fixes CVE-2005-2975, for which I see > no entry in the Debian changelog, could you please investigate on this > id and report whether gtk1 and gtk2 are affected for Debian? The vulnerability matrix for Woody and Sarge (the entries are the l

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Moritz Muehlenhoff
Loic Minier wrote: > > An integer overflow in gdk-pixbuf's XPM rendering code can be exploited > > to overwrite the heap and exploit arbitrary code through crafted images. > > Please see > > www.idefense.com/application/poi/display?id=339&type=vulnerabilities > > for more details. > > Did you id

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Steve Kemp
On Wed, Nov 16, 2005 at 02:05:11PM +0100, Loic Minier wrote: > Security team, did you start work on CVE-2005-3186 and CVE-2005-2975, > CVE-2005-2976 (not described in this report)? Ubuntu has released some > packages which might help . > Do you need the Gt

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Loic Minier
clone 339431 -1 reassign -1 gdk-pixbuf thanks Hi, I believe gdk-pixbuf is affected as well. I suppose you can grab useful patches from the Ubuntu security fixes: Cheers, -- Loïc Minier <[EMAIL PROTECTED]> "What do we want? BRAINS! When

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Loic Minier
Security team, did you start work on CVE-2005-3186 and CVE-2005-2975, CVE-2005-2976 (not described in this report)? Ubuntu has released some packages which might help . Do you need the Gtk maintainers to prepare an upload for stable? Uploads are being pre

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Loic Minier
tags 339431 + patch thanks On Wed, Nov 16, 2005, Moritz Muehlenhoff wrote: > An integer overflow in gdk-pixbuf's XPM rendering code can be exploited > to overwrite the heap and exploit arbitrary code through crafted images. > Please see > www.idefense.com/application/poi/display?id=339&type=vulne

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Moritz Muehlenhoff
Package: gtk+2.0 Severity: grave Tags: security Justification: user security hole An integer overflow in gdk-pixbuf's XPM rendering code can be exploited to overwrite the heap and exploit arbitrary code through crafted images. Please see www.idefense.com/application/poi/display?id=339&type=vulnera