Red Hat Bugzilla – Bug 198270
CVE-2006-3404 gimp xcf buffer overflow
Last modified: 2007-11-30 17:11:37 EST
+++ This bug was initially created as a clone of Bug #198269 +++
gimp xcf buffer overflow
Henning Makholm discovered a buffer overflow bug in gimp's XCF loader.
It is possible to overflow a static buffer with arbitrary data, which
could likely result in arbitrary code execution.
The upstream bug contains the patch:
This issue should also affect FC4.
Created attachment 132207
updated gcc4 patch ...
gimp-2.2.12 has already been built for FC4, FC5 and Rawhide and waits for
pushing. Jens, thanks for the updated patch but with 2.2.12 it is no longer
necessary as upstream just uses -mmmx, -msse and so on to build these asm source