Bug 968090 (CVE-2014-9766) - VUL-1: CVE-2014-9766: pixman: create_bits(): Cast the result of height * stride to size_t
Summary: VUL-1: CVE-2014-9766: pixman: create_bits(): Cast the result of height * stri...
Status: RESOLVED FIXED
Alias: CVE-2014-9766
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/162207/
Whiteboard: ibs:running:11098:moderate CVSSv2:SUS...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-02-24 16:50 UTC by Alexander Bergmann
Modified: 2024-05-07 14:37 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 2 Bjørn Lie 2016-02-24 19:15:30 UTC 
openSUSE Leap and 13.2 is already fixed for this one, so I guess this is a SLE only bug.

Thu Jul 10 20:09:28 UTC 2014 - dimstar@

- Update to version 0.32.6:
  + MIPS: Fix exported symbols in public API.
  + build: Check if the compiler supports GCC vector extensions.
  + Bugs fixed: rh#972647, fdo#69014.
Comment 3 Bjørn Lie 2016-02-24 19:16:23 UTC 
(In reply to Bjørn Lie from comment #2)
> openSUSE Leap and 13.2 is already fixed for this one, so I guess this is a
> SLE only bug.

You should perhaps ping the evergreen team to check if they need to push a fix?
Comment 4 Swamp Workflow Management 2016-02-24 23:04:46 UTC 
bugbot adjusting priority
Comment 6 Michael Gorse 2019-04-29 21:13:10 UTC 
SLE 12 has version 0.32.6. I think that it's only SLE-11-SP3 and SLE-11-SP1 that are affected.
Comment 8 Thomas Leroy 2024-05-07 14:37:44 UTC 
All done, closing.