Comment 20 for bug 13779

Message-ID: <email address hidden>
Date: Wed, 20 Apr 2005 23:28:34 -0500
From: Branden Robinson <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: Re: xfree86 4.1.0-16woody6 available to fix CAN-2005-0605

--Cqq5NadOW2RfLMJ/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Mar 11, 2005 at 03:35:32AM -0500, Branden Robinson wrote:
> The following URL contains source and binary packages for powerpc resolvi=
ng
> CAN-2005-0605[1], which is described as:
>=20
> The XPM library's scan.c file may allow attackers to execute arbitrary =
code
> by crafting a malicious XPM image file containing a negative bitmap_unit
> value that provokes a buffer overflow.
>=20
> http://redwald.deadbeast.net/tmp/CAN-2005-0605/

Can someone tell me what the status of this is?

--=20
G. Branden Robinson | A celibate clergy is an especially
Free Software Developer | good idea, because it tends to
<email address hidden> | suppress any hereditary propensity
http://deadbeast.net/~branden/ | toward fanaticism. -- Carl Sagan

--Cqq5NadOW2RfLMJ/
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iEYEARECAAYFAkJnK/IACgkQ6kxmHytGonyeQgCeKMHVnj9Lu7TUuisu0I78kpRQ
+Z4AnAmPW5gBIc6JyvM+yQZOk1E4HnYK
=nEzs
-----END PGP SIGNATURE-----

--Cqq5NadOW2RfLMJ/--