22945 2010-02-11 17:55:10 +0300 CVE-2009-4274 netpbm: Stack-based buffer overflow by processing X PixMap image 2010-03-02 22:38:53 +0300 1 1 4 Development Sisyphus netpbm unstable all Linux CLOSED FIXED https://bugzilla.redhat.com/show_bug.cgi?id=546580 security P3 blocker --- 1 ldv crux crux lakostis qa-sisyphus oldest_to_newest 106627 0 ldv 2010-02-11 17:55:10 +0300 Marc Schoenefeld found a stack-based buffer overflow in the way netpbm graphics file formats handling library used to process content of header fields of the X PixMap (XPM) image file. A remote attacker could provide a specially-crafted XPM image file and trick the local user into processing it, which would lead to denial of service (crash of application using the netpbm library) or, potentially, to execution of arbitrary code with the privileges of that application. 106673 1 crux 2010-02-13 22:23:29 +0300 Подготовил исправление для Sisyphus: http://git.altlinux.org/people/crux/packages/?p=netpbm.git;a=summary Исправление для бранчей также можно подготовить (пример в бранче M51) Если замечаний не будет, то можно будет отправить на сборку. 107322 2 crux 2010-03-02 22:38:53 +0300 fixed in 10.35.73-alt1