This bug was fixed in the package gtk+2.0 - 2.24.30-1ubuntu1.16.04.2
---
gtk+2.0 (2.24.30-1ubuntu1.16.04.2) xenial; urgency=medium
* Add debian/patches/lp1641912-add-limit-to-list-size.patch, which fixes a
DOS allowing any application to cause all GTK applications to use an
This bug was fixed in the package gtk+2.0 - 2.24.31-1ubuntu1.1
---
gtk+2.0 (2.24.31-1ubuntu1.1) zesty; urgency=medium
* Add debian/patches/lp1641912-add-limit-to-list-size.patch, which fixes a
DOS allowing any application to cause all GTK applications to use an
arbitrary amo
** Tags removed: verification-needed yakkety
** Tags added: artful
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1641912
Title:
Please backport two recent-manager patches
Status in
Tested the POC against version 2.24.30-1ubuntu1.16.04.2 from xenial-proposed.
Updated package fixes the bug.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed
Tested the POC against version 2.24.31-1ubuntu1.1 from zesty-proposed.
Updated package fixes the bug.
** Tags removed: verification-needed-zesty
** Tags added: verification-done-zesty
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2
Hello Curaga, or anyone else affected,
Accepted gtk+2.0 into xenial-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/gtk+2.0/2.24.30-1ubuntu1.16.04.2 in
a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
Thank you! This is exactly what I needed, especially the regression
potential field - very good!
** Changed in: gtk+2.0 (Ubuntu Zesty)
Status: In Progress => Fix Committed
** Tags added: verification-needed verification-needed-zesty
--
You received this bug notification because you are a
Hello Łukasz!
I have updated the bug report to follow the SRU documentation
(apologies, I spaced filling out the bug report).
** Description changed:
+ [Impact]
+
+ Without these fixes, a specially crafted GTK program can cause a Denial
+ of Service attack on any machine with open GTK programs.
Hello! Thank you for preparing and uploading the fix for our stable releases.
For us to be able to properly review your SRU we would need some more
information included in this bug. Please update the bug description to include
the SRU template as found here:
https://wiki.ubuntu.com/StableRelease
This bug was fixed in the package gtk+2.0 - 2.24.31-1ubuntu2
---
gtk+2.0 (2.24.31-1ubuntu2) artful; urgency=medium
* Add debian/patches/lp1641912-add-limit-to-list-size.patch, which fixes a
DOS allowing any application to cause all GTK applications to use an
arbitrary amount
** Changed in: gtk+2.0 (Ubuntu Zesty)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1641912
Title:
Please backport two recent-
** Also affects: gtk+2.0 (Ubuntu Artful)
Importance: Critical
Assignee: Simon Quigley (tsimonq2)
Status: In Progress
** Also affects: gtk+2.0 (Ubuntu Zesty)
Importance: Undecided
Status: New
** Changed in: gtk+2.0 (Ubuntu Zesty)
Status: New => In Progress
** Chang
Attached is a debdiff for Artful applicable to 2.24.31-1ubuntu1.
** Patch added: "1-2.24.31-1ubuntu2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1641912/+attachment/4918517/+files/1-2.24.31-1ubuntu2.debdiff
--
You received this bug notification because you are a member of
Attached is a debdiff for Zesty applicable to 2.24.31-1ubuntu1.
** Patch added: "1-2.24.31-1ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1641912/+attachment/4918516/+files/1-2.24.31-1ubuntu1.1.debdiff
--
You received this bug notification because you are a member
Attached is a debdiff for Xenial applicable to 2.24.30-1ubuntu1.16.04.1.
** Patch added: "1-2.24.30-1ubuntu1.16.04.2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1641912/+attachment/4918508/+files/1-2.24.30-1ubuntu1.16.04.2.debdiff
--
You received this bug notification bec
** Changed in: gtk+2.0 (Ubuntu Xenial)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: gtk+2.0 (Ubuntu Xenial)
Status: Confirmed => In Progress
** Changed in: gtk+2.0 (Ubuntu)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: gtk+2.0 (Ubuntu)
Yakkety 16.10 goes EOL this month.
** Changed in: gtk+2.0 (Ubuntu Yakkety)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1641912
Title:
Please
** Changed in: gtk+2.0 (Ubuntu)
Importance: Undecided => Critical
** Changed in: gtk+2.0 (Ubuntu Xenial)
Importance: Undecided => Critical
** Changed in: gtk+2.0 (Ubuntu Yakkety)
Importance: Undecided => Critical
** Changed in: gtk+2.0 (Ubuntu)
Importance: Critical => High
** Change
** Changed in: gtk
Status: Unknown => Fix Released
** Changed in: gtk
Importance: Unknown => Medium
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1641912
Title:
Please bac
** Bug watch added: GNOME Bug Tracker #773587
https://bugzilla.gnome.org/show_bug.cgi?id=773587
** Also affects: gtk via
https://bugzilla.gnome.org/show_bug.cgi?id=773587
Importance: Unknown
Status: Unknown
** Description changed:
https://git.gnome.org/browse/gtk+/commit/?h=gt
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: gtk+2.0 (Ubuntu Xenial)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bu
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: gtk+2.0 (Ubuntu Yakkety)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/b
** Tags added: xenial yakkety zesty
** Also affects: gtk+2.0 (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: gtk+2.0 (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, whic
** Changed in: gtk+2.0 (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1641912
Title:
Please backport two recent-manager patches
Status in gtk
24 matches
Mail list logo
