Bug#298183: lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605)

2005-03-08 Thread Martin Pitt
Hi!

> Ubuntu backported a fix for this hole to lesstif1. From their changelog:
>
> * SECURITY UPDATE: More Xpm vulnerabilities.
> * lib/Xm-2.1/Xpmcreate.c, lib/Xm-2.1/Xpmscan.c: Applied patch from
> freedesktop.org to avoid integer overflows.
> * lib/Xm/LTXpm.c: Backported patch to old

Bug#298183: lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605)

2005-03-05 Thread Moritz Muehlenhoff
Package: lesstif1-1
Severity: grave
Tags: security, patch
Justification: user security hole

Quoting from a recent Gentoo security advisory:

> Chris Gilbert discovered potentially exploitable buffer overflow cases
> in libXpm that weren't fixed in previous libXpm security advisories.

This has been