Bug 212696 (CVE-2006-4513)
Summary: | CVE-2006-4513: multiple integer overflows in wv < 1.2.3 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ville Skyttä <scop> |
Component: | wv | Assignee: | Aurelien Bompard <gauret> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6 | CC: | extras-qa, fedora-security-list |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4513 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-10-29 18:09:23 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ville Skyttä
2006-10-28 06:16:08 UTC
Updated to 1.2.4 for FC-5, FC-6 and devel FC-4 seems to have been updated too, but build failed, libgsf-devel >= 1.11.2 not found: http://buildsys.fedoraproject.org/build-status/job.psp?uid=20439 I don't see a devel build either in the failed or succeeded build lists. Devel build re-requested. wv really needs libgsf >= 1.13.0 (in version 1.2.3 too), and this does not exist in FC-4. What should I do ? Perhaps take a look if the fixes are easy to backport as a patch to an older wv version instead of upgrading it? If not, or if you're not (that) interested in FC-4 any more, I'd suggest reverting the upgrade to 1.2.4 in the FC-4 branch in order to provide a clean table for someone else who might be interested in taking a look at fixing it for legacy distro version(s). OK, the patch applies fine on version 1.0.3 and it builds fine. However, I have no FC-4 system to test it on. Since it seems to be a small patch, I've requested the build nevertheless. |