Bug 3578 - [UPDATE REQUEST] [UPSTREAM UPDATE] pixman
Status: RESOLVED FIXED
Product: Server Bugs
Classification: ROSA Server
Component: Main Packages
: unspecified
: All Linux
: Normal normal
Assigned To: Andrew Lukoshko
: ROSA Server Bugs
Reported: 2014-01-13 15:20 MSK by Andrew Lukoshko
Modified: 2014-01-21 18:50 MSK
vladimir.potapov: qa_verified+
andrew.lukoshko: published_server+


Description Andrew Lukoshko 2014-01-13 15:20:24 MSK
An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425)

http://rhn.redhat.com/errata/RHSA-2013-1869.html

https://abf.rosalinux.ru/build_lists/1513318
https://abf.rosalinux.ru/build_lists/1513319
Comment 1 Vladimir Potapov 2014-01-14 13:48:45 MSK
pixman-0.26.2-5.1.res6
***************** RHEL Advisory **************************
An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425)

http://rhn.redhat.com/errata/RHSA-2013-1869.html
***********************************************************
QA Verified