This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsaid="201612-37">
<title>Pixman: Buffer overflow</title>
<synopsis>A buffer overflow in Pixman might allow remote attackers to execute
arbitrary code.
</synopsis>
<producttype="ebuild">pixman</product>
<announced>2016-12-13</announced>
<revisedcount="2">2016-12-13</revised>
<bug>561526</bug>
<access>remote</access>
<affected>
<packagename="x11-libs/pixman"auto="yes"arch="*">
<unaffectedrange="ge">0.32.8</unaffected>
<vulnerablerange="lt">0.32.8</vulnerable>
</package>
</affected>
<background>
<p>Pixman is a pixel manipulation library.</p>
</background>
<description>
<p>In pixman-general, careless computations done with the ‘dest_buffer’
pointer may overflow, failing the buffer upper limit check.
</p>
</description>
<impacttype="normal">
<p>A remote attacker could possibly cause a Denial of Service condition, or
execute arbitrary code with the privileges of the process.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Pixman users should upgrade to the latest version:</p>