oss-sec mailing list archives

Re: CVE Request: Gtk2 Perl Module: incorrect memory management in Gtk2::Gdk::Display::list_devices

From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 10 Mar 2015 17:27:04 +0100

Hi,

On Fri, Feb 20, 2015 at 03:07:16PM +0100, Salvatore Bonaccorso wrote:

A new upstream version of the Gtk2 Perl module was released (1.2495)
fixing incorrect memory management in
Gtk2::Gdk::Display::list_devices. Upstream commit is at

https://git.gnome.org/browse/perl-Gtk2/commit/?id=4856da628ce37099b27b66a88141dc6daad693b0

References:
-----------
 - https://bugzilla.redhat.com/show_bug.cgi?id=1188219
 - https://mail.gnome.org/archives/gtk-perl-list/2015-January/msg00039.html
 - https://bugs.mageia.org/show_bug.cgi?id=15173
 - https://lwn.net/Vulnerabilities/633094/

Could you assign a CVE for it?


Can a CVE be assigned for this issue, or does it actually not warrant
a CVE? Is there more information that needs to be provided first?

Thanks a lot for your work!

Regards,
Salvatore

Current thread:

CVE Request: Gtk2 Perl Module: incorrect memory management in Gtk2::Gdk::Display::list_devices Salvatore Bonaccorso (Feb 20)
- Re: CVE Request: Gtk2 Perl Module: incorrect memory management in Gtk2::Gdk::Display::list_devices Salvatore Bonaccorso (Mar 10)
- Re: CVE Request: Gtk2 Perl Module: incorrect memory management in Gtk2::Gdk::Display::list_devices cve-assign (Mar 12)