Re: CVE-2012-2763

To: "Yves-Alexis Perez" <corsac@debian.org>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: CVE-2012-2763
From: mancha@mac.hush.com
Date: Mon, 09 Jul 2012 08:52:51 -0500
Message-id: <[🔎] 20120709135252.246B414DBD8@smtp.hushmail.com>

On 07/07/2012 at 7:35 AM, Yves-Alexis Perez <corsac@debian.org> wrote:
>
>On ven., 2012-07-06 at 07:22 -0500, mancha@mac.hush.com wrote:
>> Re: http://security-tracker.debian.org/tracker/CVE-2012-2763
>> 
>> Working with upstream, I cherry-picked the code in gimp 2.8 which
>> fixes this buffer overflow vulnerability in the script-fu server.
>> 
>> The attached patch fixes the issue in gimp 2.6.x.
>> 
>Hi, thank you for your work. Can you prepare a package for Squeeze 
>and
>provide the debdiff?
>
>Regards,
>-- 
>Yves-Alexis

Hi. You're very welcome.

Actually, I don't use Debian-Squeeze but noticed on the reference
url that it was vulnerable to this CVE. Feel free to use my fix.

Regards.

Reply to:

Prev by Date: External check
Next by Date: External check
Previous by thread: Re: CVE-2012-2763
Next by thread: CVE-2012-0859
Index(es):
- Date
- Thread