Additional integer overflows have been reported to vendor-sec by SUSE. These overflows affect the libXpm library. This issue has no set embargo date, but it should come out of embargo soon as the issue has been kicked around for a week or so now. This issue also affects RHEL2.1.
Created attachment 105378: Proposed patch for this issue.
Some more libXpm issues have arisen today. I should have relevant information updated shortly.
The current embargo date for this issue has been moved to 2004-11-03.
Embargo moved by SUSE to Nov 17th 1400 UTC.
Fixed in XFree86-4.3.0-77.EL
This bug shouldn't be closed until we release our errata. Reopening.
Errata are passed on to QA, setting to MODIFIED. RHSA-2004:612-10: http://porkchop.devel.redhat.com/errata/erratainfo.cgi?advisory=2004%3A610 RHSA-2004:610-08: http://porkchop.devel.redhat.com/errata/erratainfo.cgi?advisory=2004%3A612
Removing embargo
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-610.html
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-612.html