Red Hat Bugzilla – Bug 412741
Multiple security issues fixed in Xfce 4.4.2
Last modified: 2008-01-10 03:52:01 EST
Description of problem:
* libxfce4util: buffer overflow:
* libxfce4gui: double free().
* libxfce4gui: possibly a format string flaw (?)
* xfce4-panel: A buffer overflow:
Should all be fixed in 4.4.2.
These were stolen from Gentoo Bugzilla:
CVE Identifiers were requested.
Should this not be assigned, or at least CC'd, to the XFCE package maintainer?
The maintainer does not even seem aware that the update is available as there
are not even packages available on updates-testing.
I'm assigned on the two "depends on" bugs here, one for F7 and one for F8.
I've been working hard to get Xfce upgraded over the last few weeks...
There are 21 main Xfce packages, and 8 plugins that need to be rebuilt, tested,
and pushed for an update. ;)
That said, the 4.4.2 packages should go out to testing in the next updates push.
I would like to see them get a few days in testing before pushing such a big set
of packages out to stable. Please do test them and provide feedback in bodhi or
Michael: correct. I forgot, I usually create these bugs automatically and the script
adds the maintainer to Cc. Anyways, he was assigned the tracking bugs, so, as he
says, he is aware.
Updates were pushed to stable repositories for both Fedora 7 and Fedora 8:
Stack-based buffer overflow in the Panel (xfce4-panel) component in
Xfce before 4.4.2 might allow remote attackers to execute arbitrary
code via Launcher tooltips. NOTE: a second buffer overflow
(over-read) in the xfce_mkdirhier function was also reported, but it
might not be exploitable for a crash or code execution, so it is not a
Double-free vulnerability in the Widget Library (libxfcegui4) in Xfce
before 4.4.2 might allow remote attackers to execute arbitrary code
via unknown vectors related to the "cliend id, program name and
working directory in session management."