Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

[Martin Schulze]

Loic Minier wrote:
>  Sorry for the delay.  You can grab the proposed fixes in:
>     <http://people.dooz.org/~lool/debian/gtk-gdk-cves.tgz> (87M)
>      MD5: 56148df50af6e28beaca57e4fa3bf6cc

Thanks a lot!  Packages are building already.

>  I found the vulnerability matrix by Moritz Muehlenhoff useful:
>                Woody gtk2   Woody gdk-pixbuf   Sarge gtk2   Sarge gdk-pixbuf
> CVE-2005-2975    1170         284                1170         284
> CVE-2005-2976    1317         413                ----         413
> CVE-2005-3186    1255         359                1256         359

What's the meaning of the numbers above?

I had to rebuild the woody packages since you've built them for
'stable-security' instead of 'oldstable-security', and by that
I've also used woody3 instead of woody2.1, so the version is not
needlessly prolongued.

Could you tell us as well which versions in sid fix these problems?

Regards,

	Joey

-- 
If you come from outside of Finland, you live in wrong country.
	-- motd of irc.funet.fi

Please always Cc to me when replying to me on the lists.