On Mon, Feb 11, 2013 at 14:40:21 +0100, Helmut Grohne wrote: > Package: src:pixman > Severity: grave > Tags: security > > The pixman library may be affected by CVE-2013-1591. > > | Stack-based buffer overflow in libpixman, as used in Pale Moon before > | 15.4, has unspecified impact and attack vectors. > > The only references I could find so far were: > > http://www.palemoon.org/releasenotes-ng.shtml > http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1591.html > > Please investigate which pixman versions (if any) are affected by this > issue and update version information for this bug report. > 15:31 < mdeslaur> jcristau: this seems to be the only difference in pale moon: http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
haven't had a chance to look when that was introduced yet, that may have to wait a couple days. Cheers, Julien -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130211185503.ga29...@crater2.logilab.fr
