Red Hat Bugzilla – Bug 332061
CVE-2007-5137 Tk GIF processing buffer overflow [F7]
Last modified: 2007-11-30 17:12:18 EST
F7 tracking bug: see blocks bug list for full details of the security issue(s).
[bug automatically created by: add-tracking-bugs]
In F-7 is tk-8.4.13 with fixed buffer.
Marcela, I'm obviously overlooking something. Latest F7 version I can see is
tk-8.4.13-5.fc7, which seems to be affected. This issue was fixed in devel in
version tk-8.4.15-5.fc8, changelog uses CVE name originally assigned to this
issue - CVE-2007-4851.
Is there any F7 version I've missed? I hope I haven't mixed up bugzillas for
CVE-2007-5137 and CVE-2007-5378.
I mixed different issues. The CVE-2007-5137 was solved in tk-8.4.13-6.fc7.
Marcela, thanks for prompt action!