Bug 974854 (CVE-2014-9771)

Summary: VUL-0: CVE-2014-9771: imlib2: exploitable integer overflow in _imlib_SaveImage
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, meissner, smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/167251/
Whiteboard: CVSSv2:SUSE:CVE-2014-9771:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 6 Swamp Workflow Management 2016-04-11 22:01:02 UTC
bugbot adjusting priority
Comment 9 Swamp Workflow Management 2016-05-18 12:13:38 UTC
openSUSE-SU-2016:1330-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 963796,963797,963800,973759,973761,974202,974854,975703
CVE References: CVE-2011-5326,CVE-2014-9762,CVE-2014-9763,CVE-2014-9764,CVE-2014-9771,CVE-2016-3993,CVE-2016-3994,CVE-2016-4024
Sources used:
openSUSE 13.2 (src):    imlib2-1.4.9-17.4.1
Comment 10 Marcus Meissner 2017-06-15 21:31:41 UTC
no fix released for sle12 yet for some reason
Comment 13 Simon Lees 2021-03-12 07:39:21 UTC
Reassigning to Security this should be fixed everywhere for quite some time