Bug 173273 - gtk2 multiple vulnerabilities, CVE-2005-2975, CVE-2005-3186
gtk2 multiple vulnerabilities, CVE-2005-2975, CVE-2005-3186
Status: CLOSED WONTFIX
Product: Fedora Legacy
Classification: Retired
Component: gtk2 (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
LEGACY, NEEDSWORK
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-11-15 15:31 EST by Jeff Sheltren
Modified: 2007-07-16 06:49 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-16 06:49:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
fix for the problem described in bug #169280 - negative size hints (767 bytes, patch)
2005-11-21 03:24 EST, Michal Jaegermann
no flags Details | Diff
patch for CVE-2005-3186 - integer overflow in xpm loader (595 bytes, patch)
2005-11-21 03:29 EST, Michal Jaegermann
no flags Details | Diff
patch for CVE-2005-2975 - an infinite loop in xpm loader (429 bytes, patch)
2005-11-21 03:31 EST, Michal Jaegermann
no flags Details | Diff

  None (edit)
Description Jeff Sheltren 2005-11-15 15:31:47 EST
A bug was found in the way gtk2 processes XPM images. An attacker could
create a carefully crafted XPM file in such a way that it could cause an
application linked with gtk2 to execute arbitrary code when the file was
opened by a victim. The Common Vulnerabilities and Exposures project has
assigned the name CVE-2005-3186 to this issue.

Ludwig Nussel discovered an infinite-loop denial of service bug in the way
gtk2 processes XPM images. An attacker could create a carefully crafted XPM
file in such a way that it could cause an application linked with gtk2 to
stop responding when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name CVE-2005-2975
to this issue.

See: https://rhn.redhat.com/errata/RHSA-2005-811.html
Comment 1 Michal Jaegermann 2005-11-21 03:24:55 EST
Created attachment 121291 [details]
fix for the problem described in bug #169280 - negative size hints

These three patches, to be added on the top of gtk2-2.0.2-4.2.legacy.src.rpm,
are re-diffed from patches used in a version 2.2.4 and to be applied for RH7.3.
Comment 2 Michal Jaegermann 2005-11-21 03:29:05 EST
Created attachment 121292 [details]
patch for CVE-2005-3186 - integer overflow in xpm loader
Comment 3 Michal Jaegermann 2005-11-21 03:31:17 EST
Created attachment 121293 [details]
patch for CVE-2005-2975 - an infinite loop in xpm loader

Note You need to log in before you can comment on or make changes to this bug.