| |||||||||||||||||||
Mageia alert MGASA-2012-0236 (gimp)
MGASA-2012-0236 Date: August 23rd, 2012 Affected releases: 1, 2 Description: Updated gimp packages fix security vulnerabilities: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2012-3481). A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially-crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2012-3403). Updated Packages: Mageia 1: gimp-2.6.11-7.2.mga1 gimp-python-2.6.11-7.2.mga1 lib(64)gimp2.0_0-2.6.11-7.2.mga1 lib(64)gimp2.0-devel-2.6.11-7.2.mga1 Mageia 2: gimp-2.8.0-1.1.mga2 gimp-python-2.8.0-1.1.mga2 lib(64)gimp2.0_0-2.8.0-1.1.mga2 lib(64)gimp2.0-devel-2.8.0-1.1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481 https://rhn.redhat.com/errata/RHSA-2012-1180.html https://bugs.mageia.org/show_bug.cgi?id=7128 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||