This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 197193 - Memory leak in XmGetVisibility() still present in 2.2.3
Memory leak in XmGetVisibility() still present in 2.2.3
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: openmotif (Show other bugs)
4
All Linux
medium Severity high
: ---
: ---
Assigned To: Thomas Woerner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-06-29 01:46 EDT by Dmitry Bolkhovityanov
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-29 08:24:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Dmitry Bolkhovityanov 2006-06-29 01:46:20 EDT
Description of problem:
The memory leak in XmGetVisibility(), despite declared as fixed in
OpenMotif-2.2.3, is STILL THERE, affecting all RedHat/Fedora releases upto FC4
inclusive.
The bug was really fixed in OpenMotif-2.3, so that FC5 is safe.
Since this serious bug is present in almost ALL RH/FC releases, it is definitely
worth an update.

Version-Release number of selected component (if applicable):
2.2, 2.3

How reproducible:
Always

Additional info:
Ironically, it WAS fixed in 2.1 for RHEL, but not in 2.2 series.
This is OpenMotif #1134, details are at
http://bugs.motifzone.net/show_bug.cgi?id=1134
The fix is trivial -- to "backport" the lib/Xm/Traversal.c, which only differs
in several-lines-fix for this bug (some care should be taken, since 2.3's fixed
version is OLDER than buggy 2.2.3's).
Comment 1 Christian Iseli 2007-01-22 05:35:48 EST
This report targets the FC3 or FC4 products, which have now been EOL'd.

Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?

Thanks.
Comment 2 Dmitry Bolkhovityanov 2007-01-22 07:32:29 EST
I can answer even without any further testing: FC5 and FC6 ARE SAFE.
That's because only 2.2 is vulnerable, while FC5 is shipped with openmotif-2.3
(which is already okay), and FC6 doesn't include openmotif at all (due to that
stupid licence problem).

And -- yes, I did tests with FC5 at the time of writing this bugreport, and
those had confirmed that this bug is fixed there.

However, Christian, if you have any connection to RHEL stuff -- RHEL can still
be vulnerable, since in ships 2.*2*, which was vulnerable in June-2006 and
wasn't updated since that time. And RHEL wouldn't be EOL'd for long time...
Comment 3 Thomas Woerner 2007-08-29 08:24:03 EDT
FC-3 and FC-4 are EOL and it has been fixed for the RHEL packages already. 

Closing as NOT A BUG.

Note You need to log in before you can comment on or make changes to this bug.