gthumb CVE-2018-18718 - CWE-415: Double Free

To: debian-lts@lists.debian.org
Subject: gthumb CVE-2018-18718 - CWE-415: Double Free
From: Herbert Fortes <terberh@gmail.com>
Date: Fri, 2 Nov 2018 08:18:33 -0300
Message-id: <[🔎] 7818438a-95e7-edd7-067e-4ed1c8e8dc92@gmail.com>

Hi,

Gthumb has and CVE[0] issue. But it is an unimportant urgency.

https://gitlab.gnome.org/GNOME/gthumb/issues/18
Crash in end user application, no security impact

[0] - https://security-tracker.debian.org/tracker/CVE-2018-18718

I am not a programmer but I did the patch and uploaded to SID. I
asked an upload to Stretch. If it is accepted I will update the
current backport - 3:3.6.1-1~bpo9+1.

I made the package to Jessie and put at people.debian.org[1].
I am not sure about the version - '+deb8u1' or '~deb8u1'.

[1] - https://people.debian.org/~hpfn/jessie/

If necessary please Cc me. I am not in the list.



Regards,
Herbert

Reply to:

Follow-Ups:
- Re: gthumb CVE-2018-18718 - CWE-415: Double Free
  - From: Herbert Fortes <terberh@gmail.com>
- Re: gthumb CVE-2018-18718 - CWE-415: Double Free
  - From: Markus Koschany <apo@debian.org>

Next by Date: Re: gthumb CVE-2018-18718 - CWE-415: Double Free
Next by thread: Re: gthumb CVE-2018-18718 - CWE-415: Double Free
Index(es):
- Date
- Thread