Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/show_bug.cgi?id=431529 Summary: CVE-2008-0553 tk: GIF handling buffer overflow Product: Fedora Version: rawhide Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: perl-Tk AssignedTo: andreas.bierfert@xxxxxxxxxxxxx ReportedBy: andreas.bierfert@xxxxxxxxxxxxx QAContact: extras-qa@xxxxxxxxxxxxxxxxx CC: andreas.bierfert@xxxxxxxxxxxxx,fedora-perl-devel- list@xxxxxxxxxx,mmaslano@xxxxxxxxxx,wtogami@xxxxxxxxxx +++ This bug was initially created as a clone of Bug #431518 +++ tk GIF handling code is based on the same code as used by gd and SDL_image and is affected by the overflow known as CVE-2006-4484 and CVE-2007-6697. ReadImage function in tkImgGIF.c does not properly check the value of initialCodeSize value read from GIF image before using it as upper bound during the initialization of append array. This can result in stack buffer overflow. Upstream fix: http://tktoolkit.cvs.sourceforge.net/tktoolkit/tk/generic/tkImgGIF.c?r1=1.40&r2=1.41 This is expected to be included in upstream tk version 8.5.1. Related issues: CVE-2006-4484 (gd), CVE-2007-6697 (SDL_image), CVE-2008-0554 (netpbm) -- Additional comment from thoger@xxxxxxxxxx on 2008-02-05 03:55 EST -- perl-Tk uses embedded copy of tk source code and is affected by this problem too. Adding perl-Tk maintainers to the CC list too. -- Additional comment from mmaslano@xxxxxxxxxx on 2008-02-05 03:58 EST -- Tk is fixed in rawhide, F-8, F-7. The upstream fix was used. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl Fedora-perl-devel-list mailing list Fedora-perl-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-perl-devel-list
