Gentoo Archives: gentoo-commits

From: "Robert Buchholz (rbu)" <rbu@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-200801-06.xml
Date: Wed, 09 Jan 2008 23:25:45
Message-Id: E1JCkIo-00043O-PC@stork.gentoo.org
1 rbu 08/01/09 23:25:42
2
3 Modified: glsa-200801-06.xml
4 Log:
5 GLSA 200801-06 typos fixed
6
7 Revision Changes Path
8 1.2 xml/htdocs/security/en/glsa/glsa-200801-06.xml
9
10 file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200801-06.xml?rev=1.2&view=markup
11 plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200801-06.xml?rev=1.2&content-type=text/plain
12 diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200801-06.xml?r1=1.1&r2=1.2
13
14 Index: glsa-200801-06.xml
15 ===================================================================
16 RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-200801-06.xml,v
17 retrieving revision 1.1
18 retrieving revision 1.2
19 diff -u -r1.1 -r1.2
20 --- glsa-200801-06.xml 9 Jan 2008 23:21:12 -0000 1.1
21 +++ glsa-200801-06.xml 9 Jan 2008 23:25:42 -0000 1.2
22 @@ -11,7 +11,7 @@
23 </synopsis>
24 <product type="ebuild">xfce4-panel libxfcegui4</product>
25 <announced>January 09, 2008</announced>
26 - <revised>January 09, 2008: 01</revised>
27 + <revised>January 09, 2008: 02</revised>
28 <bug>201292</bug>
29 <bug>201293</bug>
30 <access>remote</access>
31 @@ -33,19 +33,19 @@
32 </background>
33 <description>
34 <p>
35 - Gregory Andersen reported that Xfce4 panel does not correctly calculate
36 - memory boundaries, leading to a stack-based buffer overflow in the
37 - launcher_update_panel_entry() function (CVE-2007-6531). Daichi Kawahata
38 - reported libxfcegui4 did not copy provided values when creating
39 - "SessionClient" structs, possibly leading to access of freed memory
40 - areas (CVE-2007-6532).
41 + Gregory Andersen reported that the Xfce4 panel does not correctly
42 + calculate memory boundaries, leading to a stack-based buffer overflow
43 + in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi
44 + Kawahata reported libxfcegui4 did not copy provided values when
45 + creating "SessionClient" structs, possibly leading to access of freed
46 + memory areas (CVE-2007-6532).
47 </p>
48 </description>
49 <impact type="normal">
50 <p>
51 A remote attacker could entice a user to install a specially crafted
52 - "rc" to execute arbitrary code with file via long strings in the "Name"
53 - and "Comment" fields or via unspecified vectors involving the second
54 + "rc" file to execute arbitrary code via long strings in the "Name" and
55 + "Comment" fields or via unspecified vectors involving the second
56 vulnerability.
57 </p>
58 </impact>
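Review bot: The impact paragraph still ends with "unspecified vectors involving the second vulnerability", which makes the reader count back through the description to work out which issue is meant. Suggest naming the identifiers directly: tie the long "Name" and "Comment" strings to CVE-2007-6531 and the unspecified vectors to CVE-2007-6532, as the description already does. In the reflowed description the two reports also remain in different tenses ("does not correctly calculate" against "did not copy"), and "reported libxfcegui4 did not copy" lacks the "that" used in the first sentence. Since this revision is a wording cleanup, bringing both sentences to the same tense and structure would fit here.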
59
60
61
62 --
63 gentoo-commits@l.g.o mailing list