open-motif-2.2.3 and X.Org 6.8.1 security
Kris Kennaway
kris at obsecurity.org
Mon Dec 27 12:33:30 PST 2004
On Mon, Dec 27, 2004 at 09:22:31PM +0100, Rene Ladan wrote:
> Hi,
>
> I still get this one in my daily security check:
>
> ----- Forwarded message from Charlie Root <root at host>
>
> Date: Mon, 27 Dec 2004 03:05:12 +0100 (CET)
>
> [..snip..]
>
> Checking for a current audit database:
>
> Downloading fresh database.
> auditfile.tbz 16 kB 29 kBps
> New database installed.
> Database created: Mon Dec 27 02:40:22 CET 2004
>
> Checking for packages with security vulnerabilities:
>
> Affected package: open-motif-2.2.3
> Type of problem: xpm -- image decoding vulnerabilities.
> Reference: <http://www.FreeBSD.org/ports/portaudit/ef253f8b-0727-11d9-b45d-000c41e2cdad.html>
>
> [..snip..]
>
> ----- End forwarded message -----
>
> With X.Org 6.8.1 installed, is this still a vulnerability?
Presumably since it's code included within open-motif. You should
talk to the port maintainer and software authors about fixing it.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20041227/edb28346/attachment.bin
More information about the freebsd-ports
mailing list