>Number:         26865
>Category:       pkg
>Synopsis:       graphics/xv: patch, fixes the recently discovered buffer-overflows
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Mon Sep 06 12:46:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Ove Soerensen
>Release:        
>Organization:
>Environment:
>Description:
see http://www.securityfocus.com/archive/1/372345/2004-08-19/2004-08-25/0
for the advisory, proof-of-concept code is in the wild. given the wide
adoption of xv this should be considered serious. the patch is available
at:
http://www.elektro-eel.org/xv-security.tar.gz

>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted: