This fork of bug #727800, comment #17. pl 5.10.2 and 5.10.5 affected. Other version not yet tested.
pl-5.7.11-6.fc14.x86_64 in Fedora affected too.
Fixed in upstream xpce repository by two patches: commit 4bc3a0a32132c04b11ad83f2b5847be83ab7364b Author: Jan Wielemaker <J.Wielemaker.nl> Date: Wed Aug 24 14:40:31 2011 +0200 SECURITY: Make sure all pixels are within the allocated colormap commit 797226335ec47573f80e84d0fbdf1536292868d0 Author: Jan Wielemaker <J.Wielemaker.nl> Date: Wed Aug 24 14:08:17 2011 +0200 SECURITY: Bug#9: Loading incomplete GIF files causes an invalid read. Petr P An incomplete image file causes part of the pixels to be uninitialised. As the pixels are entries in a colormap, this causes invalid reads.
Fixed in F17 as pl-5.10.5-2.fc17.
pl-5.10.2-5.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/pl-5.10.2-5.fc16
pl-5.10.2-5.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/pl-5.10.2-5.fc15
pl-5.7.11-7.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/pl-5.7.11-7.fc14
pl-5.10.2-5.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
pl-5.7.11-7.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
pl-5.10.2-5.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.