Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=215136
michal(a)harddata.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |high
CC| |michal(a)harddata.com
------- Additional Comments From michal(a)harddata.com 2006-12-04 12:09 EST -------
Mandriva Linux Security Advisory, MDKSA-2006:214-1, says the following:
"The patch used in the previous update still left the possibility of
causing X to consume unusual amounts of memory if gv is used to view a
carefully crafted image designed to exploit CVE-2006-5864. This update
uses an improved patch to address this issue."
For patches see, for example, gv-3.6.1-4.3.20060mdk.src.rpm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
--
Configure bugmail:
https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.