[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: any DSA for CAN-2004-1026 ?

Christophe Chisogne <christophe <at> publicityweb.com> writes:
> Seems imlib has multiple overflows vulnerabilities [1,2,3].

Just to clarify: These are three different references for the same "multiple
vulnerabilities"-bug not three different vulnerabilities.
(imlib-more-xpm-fixes.patch in Suse's 188.2 is identical to Gentoo's

> Are Woody/Sarge vulnerable? Is a DSA in preparation for it?
> [1] imlib: Buffer overflows in image decoding
> http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
> [2] CAN-2004-1026
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026
> [3] SUSE Security Summary Report SUSE-SR:2004:003
> http://www.suse.de/de/security/2004_03_sr.html

Debian bugreports have already been filed: #284925 (imlib and imlib+png2) and
#285138 (imlib2).
          cu andreas

Reply to: