Bug 136981 - lesstif suffers from CAN-2004-0687,0688 Xpm problems
Summary: lesstif suffers from CAN-2004-0687,0688 Xpm problems
Status: CLOSED DUPLICATE of bug 135080
Alias: None
Product: Fedora
Classification: Fedora
Component: lesstif
Version: 3
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Thomas Woerner
QA Contact:
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2004-10-24 17:56 UTC by Michal Jaegermann
Modified: 2007-11-30 22:10 UTC (History)
0 users

Clone Of:
Last Closed: 2006-02-21 19:06:36 UTC

Attachments (Terms of Use)

Description Michal Jaegermann 2004-10-24 17:56:18 UTC
Description of problem:

lesstif as present in FC3test includes _two_ copies of Xpm
libraries in lib/Xm/LTXpm.c and in Xm-2.0/Xpm.c.  Although the
second copy does not seem to be really used the first one looks
like it is.  Both these copies clearly inherit stack and integer
overflow problems from the original Xpm libraries.

To make matters more "exciting" these two copies differ by used
symbol names and none follows a pattern used by 'openmotif'
sources.  Sigh!

The same really applies to all distributions which supply/supplied

Version-Release number of selected component (if applicable):

Comment 1 Mark J. Cox 2004-10-27 10:04:09 UTC

*** This bug has been marked as a duplicate of 135080 ***

Comment 2 Red Hat Bugzilla 2006-02-21 19:06:36 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.