16167 – libwmf new security issues CVE-2015-4695 and CVE-2015-4696

Bug 16167 - libwmf new security issues CVE-2015-4695 and CVE-2015-4696

Summary: libwmf new security issues CVE-2015-4695 and CVE-2015-4696

Status:	RESOLVED DUPLICATE of bug 16127

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:	Sec team

URL:
Whiteboard:	MGA5TOO, MGA4TOO
Keywords:

Depends on:
Blocks:

Reported:	2015-06-21 23:49 CEST by David Walser
Modified:	2015-06-27 17:57 CEST (History)
CC List:	0 users

See Also:
Source RPM:	libwmf-0.2.8.4-32.1.mga5
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-06-21 23:49:33 CEST

CVEs have been assigned for two more issues in libwmf today (June 21):
http://openwall.com/lists/oss-security/2015/06/21/3

I don't want to hold up the current update (Bug 16127) since it's high severity, but if patches are available and accepted for these two before QA gets to it, I'll include it in that update.

Reproducible: 

Steps to Reproduce:

David Walser 2015-06-21 23:49:42 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-06-27 17:57:03 CEST

Now being handled in Bug 16127.

*** This bug has been marked as a duplicate of bug 16127 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.