Bug#272166: vulnerable to holes fixed by DSA-549-1
Sebastien Bacher
Sebastien Bacher <seb128@debian.org>, 272166@bugs.debian.org
Sat, 18 Sep 2004 01:32:34 +0200
On Friday 17 September 2004 at 19:09 -0400, Joey Hess wrote:
> Package: gtk+2.0
> Severity: grave
>
> For the record: This package is vulnerable to the security holes fixed
> in stable by DSA-549-1. The CAN numbers of these security holes are
> CAN-2004-0782 CAN-2004-0783 CAN-2004-0788.
Is there a problem with the package uploaded today? If not, the bug
should probably be tagged + sarge ...
gtk+2.0 (2.4.9-2) unstable; urgency=high
.
* debian/patches/002_xpmico.patch:
- fix CAN-2004-0782 Heap-based overflow in pixbuf_create_from_xpm.
- fix CAN-2004-0783 Stack-based overflow in xpm_extract_color.
- fix CAN-2004-0788 ico loader integer overflow.
Thanks,
Sebastien Bacher