Description of problem: * libxfce4util: buffer overflow: 4.4: http://svn.xfce.org/index.cgi/xfce4/revision?rev=26250 trunk: http://svn.xfce.org/index.cgi/xfce4/revision?rev=26251 * libxfce4gui: double free(). 4.4: http://svn.xfce.org/index.cgi/xfce4/revision?rev=25554 trunk: http://svn.xfce.org/index.cgi/xfce4/revision?rev=25555 * libxfce4gui: possibly a format string flaw (?) 4.4: http://svn.xfce.org/index.cgi/xfce4/revision/?rev=25677 * xfce4-panel: A buffer overflow: 4.4: http://svn.xfce.org/index.cgi/xfce4/revision/?rev=25792 http://bugzilla.xfce.org/show_bug.cgi?id=3324 Additional info: Should all be fixed in 4.4.2. These were stolen from gentoo bugzilla: http://bugs.gentoo.org/show_bug.cgi?id=201289 http://bugs.gentoo.org/show_bug.cgi?id=201292 http://bugs.gentoo.org/show_bug.cgi?id=201293
CVE Identifiers were requested.
Should this not be assigned, or at least CC'd, to the XFCE package maintainer? The maintainer does not even seem aware that the update is available as there are not even packages available on updates-testing.
I'm assigned on the two "depends on" bugs here, one for F7 and one for F8. I've been working hard to get Xfce upgraded over the last few weeks... There are 21 main Xfce packages, and 8 plugins that need to be rebuilt, tested, and pushed for a update. ;) That said, the 4.4.2 packages should go out to testing in the next updates push. I would like to see them get a few days in testing before pushing such a big set of packages out to stable. Please do test them and provide feedback in bodhi or here.
Michael: correct. I forgot, I usually create these bugs automatically and script adds the maintainer to Cc. Anyways, he was assigned the tracking bugs, so, as he says, he is aware.
Updates were pushed to stable repositories for both Fedora 7 and Fedora 8: https://admin.fedoraproject.org/updates/F7/FEDORA-2007-4385 https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4368 Closing bug.
CVE ids: CVE-2007-6531 Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (over-read) in the xfce_mkdirhier function was also reported, but it might not be exploitable for a crash or code execution, so it is not a vulnerability. CVE-2007-6532 Double-free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."