Bug 175414 - CVE-2004-0941 additional overflows in gd
Summary: CVE-2004-0941 additional overflows in gd
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: gd   
(Show other bugs)
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Adam Tkac
QA Contact:
URL:
Whiteboard: public=20041110,impact=moderate
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-12-09 22:06 UTC by Josh Bressers
Modified: 2013-04-30 23:33 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-31 14:00:21 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
gd-2.0.33-CVE-2004-0941.patch (2.06 KB, patch)
2006-01-23 08:48 UTC, Jitka Kozana
no flags Details | Diff

Description Josh Bressers 2005-12-09 22:06:18 UTC
+++ This bug was initially created as a clone of Bug #175413 +++

Whilst creating a patch for CVE-2004-0990, Phil Knirsch discovered
addiitonal buffer overflow in the gd package.  These new overflows
affect calls to gdMalloc.

-- Additional comment from mjc@redhat.com on 2004-11-11 05:47 EST --
Created an attachment (id=106484)
Patch for CVE-2004-0990 and CVE-2004-0941


Please note that CVE-2004-0990 does not affect FC4

Comment 1 Jitka Kozana 2006-01-23 08:48:07 UTC
Created attachment 123564 [details]
gd-2.0.33-CVE-2004-0941.patch

I have forward-ported the patch from #138808 to 2.0.33, but it looks different 

from the patch in development.	
 
Please, could you review? See attachment.


Note You need to log in before you can comment on or make changes to this bug.