Ubuntu
libxfcegui4 package

Double-free vulnerability

Bug #190021 reported by Lionel Le Folgoc on 2008-02-07

256

Affects		Status	Importance	Assigned to	Milestone
	libxfcegui4 (Ubuntu)	Fix Released	Undecided	Unassigned
	Dapper	Fix Released	High	Gauvain Pocentek
	Edgy	Won't Fix	Undecided	Unassigned
	Feisty	Fix Released	High	Gauvain Pocentek
	Gutsy	Fix Released	High	Gauvain Pocentek
	Hardy	Fix Released	Undecided	Unassigned

Bug Description

Double-free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management."

http://svn.xfce.org/index.cgi/xfce/revision?rev=25554

CVE References

2007-6532

Lionel Le Folgoc (mrpouit) on 2008-02-07

Changed in libxfcegui4:
status:	New → Fix Released

Lionel Le Folgoc (mrpouit) on 2008-06-27

Changed in libxfcegui4:
status:	New → Invalid

Lionel Le Folgoc (mrpouit) on 2008-06-27

Changed in libxfcegui4:
status:	Invalid → Won't Fix
assignee:	nobody → gauvainpocentek
importance:	Undecided → High
status:	New → In Progress
assignee:	nobody → gauvainpocentek
importance:	Undecided → High
status:	New → In Progress
assignee:	nobody → gauvainpocentek
importance:	Undecided → High
status:	New → In Progress

Revision history for this message

Gauvain Pocentek (gpocentek) wrote on 2008-06-27:

#1

gutsy debdiff Edit (2.0 KiB, text/plain)

Revision history for this message

Gauvain Pocentek (gpocentek) wrote on 2008-06-27:

#2

feisty debdiff Edit (2.0 KiB, text/plain)

Revision history for this message

Gauvain Pocentek (gpocentek) wrote on 2008-06-27:

#3

dapper debdiff Edit (2.1 KiB, text/plain)

Revision history for this message

Lionel Le Folgoc (mrpouit) wrote on 2008-06-27:

#4

These 3 debdiffs build fine, and the resulting packages build/upgrade/remove/purge fine too. I'll test them tomorrow.

Revision history for this message

Gauvain Pocentek (gpocentek) wrote on 2008-06-28:

#5

Packages tested on dapper, feisty and gutsy, no problem found.

Revision history for this message

Lionel Le Folgoc (mrpouit) wrote on 2008-06-28:

#6

Tested too, no problem.

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2008-06-30:

#7

Thanks for your debdiffs! I have uploaded these and they should hit the archive soon.

Changed in libxfcegui4:
status:	In Progress → Fix Committed
status:	Won't Fix → Fix Committed
status:	In Progress → Fix Committed
status:	In Progress → Fix Committed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2008-07-03:

#8

Edgy has reached end-of-life, so marking as Ton't Fix

Changed in libxfcegui4:
status:	Fix Committed → Won't Fix
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.