Bug#700308: src:pixman: CVE-2013-1591
On Mon, Feb 11, 2013 at 14:40:21 +0100, Helmut Grohne wrote:
> Package: src:pixman
> Severity: grave
> Tags: security
>
> The pixman library may be affected by CVE-2013-1591.
>
> | Stack-based buffer overflow in libpixman, as used in Pale Moon before
> | 15.4, has unspecified impact and attack vectors.
>
> The only references I could find so far were:
>
> http://www.palemoon.org/releasenotes-ng.shtml
> http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1591.html
>
> Please investigate which pixman versions (if any) are affected by this
> issue and update version information for this bug report.
>
15:31 < mdeslaur> jcristau: this seems to be the only difference in pale
moon: http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
haven't had a chance to look when that was introduced yet, that may have
to wait a couple days.
Cheers,
Julien
Reply to: