Novell Home

CVE-2013-1591

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1591 at MITRE

Description

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Note from the SUSE Security Team

The security issue was introduced after pixman 0.16.0, so SUSE Linux Enterprise 11 SP2 and older products are not affected.

Novell Bugzilla entry: 815064

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP3 DEBUGINFO
  • pixman-debuginfo >= 0.24.4-0.13.1
  • pixman-debugsource >= 0.24.4-0.13.1
Builds
SAT Patch Nr: 8119
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libpixman-1-0-devel >= 0.24.4-0.13.1
Builds
SAT Patch Nr: 8119
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libpixman-1-0 >= 0.24.4-0.13.1
Builds
SAT Patch Nr: 8119
SUSE Linux Enterprise Server 11 SP3
  • libpixman-1-0 >= 0.24.4-0.13.1
  • libpixman-1-0-x86 >= 0.24.4-0.13.1
Builds
SAT Patch Nr: 8119
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libpixman-1-0 >= 0.24.4-0.13.1
  • libpixman-1-0-32bit >= 0.24.4-0.13.1
Builds
SAT Patch Nr: 8119

© 2014 Novell