Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Fedora 8 2008-1142 Moderate: Tk Memory Leak in PNG Handling

fedora
Calendar Grey February 7, 2008
Dist Fedora Esm H88
The latest Fedora update addresses a critical buffer overflow issue found in gif parsing within tk applications, thereby bolstering system security.
Fixed security issue - buffer overflow in gif parsing.

Summary

When paired with the Tcl scripting language, Tk provides a fast and powerful

way to create cross-platform GUI applications.

Fixed security issue - buffer overflow in gif parsing.

* Mon Jan 28 2008 Marcela Maslanova - 1:8.4.13-7

- attached upstream patch

- similar to CVE-2006-4484, problem with GIF again #430100

* Mon Oct 15 2007 Marcela Maslanova - 1:8.4.13-6

- CVE-2007-5137 gif buffer overflow

[ 1 ] Bug #431518 - CVE-2008-0553 tk: GIF handling buffer overflow

https://bugzilla.redhat.com/show_bug.cgi?id=431518

su -c 'yum update tk' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 7
Version: 8.4.13
Release: 7.fc7
URL:
Summary: The graphical toolkit for the Tcl scripting language

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.