Red Hat Bugzilla – Bug 218832
ggv affected by CVE-2006-5864
Last modified: 2013-04-02 00:21:22 EDT
Description of problem:
ggv in src/ps.c is using really the same code as gv. So it is
difficult not to assume that it is not affected by exactly the
same problem as described in bug 215136; which means a possibility
of a remote attack (and the problem is "wide open" on the net).
I have no idea what other packages may be also using the code
in question. Surely other ggv version if they show up in earlier
A patch "translated" to ggv sources is attached.
Version-Release number of selected component (if applicable):
Created attachment 143080 [details]
a patch for CVE-2006-5864
See also bug 215593 (the same issue in gv from 2.1AS).
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life.
Please See https://access.redhat.com/support/policy/updates/errata/
If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.