Stack-based buffer overflow
Bug #190020 reported by
Lionel Le Folgoc
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Xfce4 Panel |
Fix Released
|
Unknown
|
|||
xfce4-panel (Gentoo Linux) |
Invalid
|
Medium
|
|||
xfce4-panel (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Fix Released
|
High
|
Gauvain Pocentek | ||
Edgy |
Fix Released
|
Undecided
|
Unassigned | ||
Feisty |
Fix Released
|
High
|
Gauvain Pocentek | ||
Gutsy |
Fix Released
|
High
|
Emanuele Gentili | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: xfce4-panel
Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips.
CVE References
Changed in xfce4-panel: | |
status: | New → Fix Released |
Changed in xfce4-panel: | |
status: | Unknown → Fix Released |
Changed in xfce4-panel: | |
assignee: | nobody → emgent |
importance: | Undecided → High |
status: | New → Confirmed |
Changed in xfce4-panel: | |
status: | Unknown → Invalid |
Changed in xfce4-panel: | |
status: | Confirmed → In Progress |
Changed in xfce4-panel: | |
assignee: | nobody → gauvainpocentek |
importance: | Undecided → High |
status: | New → In Progress |
assignee: | nobody → gauvainpocentek |
importance: | Undecided → High |
status: | New → In Progress |
Changed in xfce4-panel: | |
status: | In Progress → Fix Released |
status: | Won't Fix → Fix Released |
status: | In Progress → Fix Released |
status: | In Progress → Fix Released |
Changed in xfce4-panel (Gentoo Linux): | |
importance: | Unknown → Medium |
To post a comment you must log in.
Attaching a patch for xfce 4.4.1 which will probably work for 4.4.0 too.
(I don't have time to prepare and test packages for SRUs).