Comment 17 for bug 63094

seb128: the patch was from GTK upstream, based on Debian's patch from Loic Minier:

http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk+2.0/debian/patches/?rev=8444&sc=0

http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk+2.0/debian/patches/030_CVE-2007-0010_error-handling-in-pixbuf-loaders.patch?op=file&rev=0&sc=0

RedHat's bug:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218932

While the GTK bug seems to be the same code path, the commits that fixed it don't seem to be associated with any particular bug:

http://svn.gnome.org/viewcvs/gtk%2B/trunk/gdk-pixbuf/gdk-pixbuf-loader.c?rev=17165&view=log