Bug 1127269
Summary: | [CVE-2014-5116] rebuild virt-viewer using new cairo | ||
---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Alon Bar-Lev <alonbl> |
Component: | mingw-virt-viewer | Assignee: | Default Assignee for SPICE Bugs <rh-spice-bugs> |
Status: | CLOSED NOTABUG | QA Contact: | Desktop QE <desktop-qa-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | unspecified | CC: | acathrow, alonbl, cfergeau, ecohen, gklein, iheim, marcandre.lureau, mkrcmari, yeylon |
Target Milestone: | --- | ||
Target Release: | 3.6.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | integration | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-08-20 18:25:32 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1124500 |
Description
Alon Bar-Lev
2014-08-06 13:52:34 UTC
From parent bugs, I fail to see what is the actual issue, what is the fix and how virt-viewer would be impacted. imho, we can close until we have an answer to those questions. (In reply to Marc-Andre Lureau from comment #1) > From parent bugs, I fail to see what is the actual issue, what is the fix > and how virt-viewer would be impacted. imho, we can close until we have an > answer to those questions. I am waiting as well for the pvr of cairo that should be used. As far as I understand, as we re-distribute gtk and cairo we should fix our re-distribution, this should be trivial revbump and rebuild. (In reply to Alon Bar-Lev from comment #2) > (In reply to Marc-Andre Lureau from comment #1) > > From parent bugs, I fail to see what is the actual issue, what is the fix > > and how virt-viewer would be impacted. imho, we can close until we have an > > answer to those questions. > > I am waiting as well for the pvr of cairo that should be used. I can't find any upstream gtk or cairo bug and fix. > As far as I understand, as we re-distribute gtk and cairo we should fix our > re-distribution, this should be trivial revbump and rebuild. cherry-picking the fix would be fine too Any update on what is the actual bug/fix? Update: Statement: We do not consider a user-assisted crash of a client application such as Wireshark to be a security issue. For more information please see https://bugzilla.redhat.com/show_bug.cgi?id=1124500#c5 |