On Fri, Mar 11, 2005 at 03:35:32AM -0500, Branden Robinson wrote:
> The following URL contains source and binary packages for powerpc resolvi=
ng
> CAN-2005-0605[1], which is described as:
>=20
> The XPM library's scan.c file may allow attackers to execute arbitrary =
code
> by crafting a malicious XPM image file containing a negative bitmap_unit
> value that provokes a buffer overflow.
>=20
> http://redwald.deadbeast.net/tmp/CAN-2005-0605/
Can someone tell me what the status of this is?
--=20
G. Branden Robinson | A celibate clergy is an especially
Free Software Developer | good idea, because it tends to
<email address hidden> | suppress any hereditary propensity http://deadbeast.net/~branden/ | toward fanaticism. -- Carl Sagan
--Cqq5NadOW2RfLMJ/
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
Message-ID: <email address hidden>
Date: Wed, 20 Apr 2005 23:28:34 -0500
From: Branden Robinson <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: Re: xfree86 4.1.0-16woody6 available to fix CAN-2005-0605
--Cqq5NadOW2RfLMJ/ Disposition: inline Transfer- Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Content-
Content-
On Fri, Mar 11, 2005 at 03:35:32AM -0500, Branden Robinson wrote: redwald. deadbeast. net/tmp/ CAN-2005- 0605/
> The following URL contains source and binary packages for powerpc resolvi=
ng
> CAN-2005-0605[1], which is described as:
>=20
> The XPM library's scan.c file may allow attackers to execute arbitrary =
code
> by crafting a malicious XPM image file containing a negative bitmap_unit
> value that provokes a buffer overflow.
>=20
> http://
Can someone tell me what the status of this is?
--=20 deadbeast. net/~branden/ | toward fanaticism. -- Carl Sagan
G. Branden Robinson | A celibate clergy is an especially
Free Software Developer | good idea, because it tends to
<email address hidden> | suppress any hereditary propensity
http://
--Cqq5NadOW2RfLMJ/ pgp-signature; name="signature .asc" Description: Digital signature Disposition: inline
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
nK/IACgkQ6kxmHy tGonyeQgCeKMHVn j9Lu7TUuisu0I78 kpRQ JyvM+yQZOk1E4Hn YK
Version: GnuPG v1.4.0 (GNU/Linux)
iEYEARECAAYFAkJ
+Z4AnAmPW5gBIc6
=nEzs
-----END PGP SIGNATURE-----
--Cqq5NadOW2RfL MJ/--