Description of problem: Please see [1] and [2] for more information, [3] contains the patch. [1] http://www.bugtraq.ir/adv/t1lib.txt [2] http://secunia.com/advisories/26241/ [3] http://bugs.gentoo.org/show_bug.cgi?id=193437 Additional info: This is most likely not exploitable on Fedora, due to FORTIFY_SOURCE protection, as the overflow is strcat() call which is protected. According to the Gentoo bug, the CVE identifier for this was requested.
CVE name is CVE-2007-4033, which was originally described as php_gd2 vulnerability. Description on CVE site is already updated.
I read it here as well http://lwn.net/Articles/250737/ I am applying the fix and rebuilding for FC-6, F-7 and F-8.
Build finished for F-7 and F-8. I will issue the build for FC-6 later (due to problems with plague and the local firewall).
t1lib-5.1.1-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.