Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 200503-15 ] libXpm vulnerability
View unanswered posts
View posts from last 24 hours

Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message

Joined: 13 Jun 2003
Posts: 4087
Location: Dresden, Germany

PostPosted: Sat Mar 12, 2005 4:55 pm    Post subject: [ GLSA 200503-15 ] libXpm vulnerability Reply with quote

Gentoo Linux Security Advisory

Title: libXpm vulnerability (GLSA 200503-15)
Severity: normal
Exploitable: remote
Date: March 12, 2005
Bug(s): #83598
ID: 200503-15


A new vulnerability has been discovered in libXpm, which is included in, that can potentially lead to remote code execution.


libXpm is a pixmap manipulation library for the X Window System, included in

Affected Packages

Package: x11-base/xorg-x11
Vulnerable: < 6.8.2-r1
Unaffected: >= 6.8.0-r5 < 6.8.1
Unaffected: >= 6.8.2-r1
Architectures: All supported architectures


Chris Gilbert has discovered potentially exploitable buffer overflow cases in libXpm that weren't fixed in previous libXpm versions.


A carefully-crafted XPM file could crash, potentially allowing the execution of arbitrary code with the privileges of the user running the application.


There is no known workaround at this time.


All users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose x11-base/xorg-x11


Freedesktop bug

Last edited by GLSA on Sun Jul 30, 2006 4:17 am; edited 3 times in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum