|
|
Subscribe / Log in / New account

Mageia alert MGASA-2015-0388 (gdk-pixbuf2.0)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2015-0388: Updated gdk-pixbuf2.0 packages fix security vulnerabilities 


Date:
    	      Sat, 3 Oct 2015 01:52:50 +0200


Message-ID:
    	      <20151002235250.EBA104077D@valstar.mageia.org>


MGASA-2015-0388 - Updated gdk-pixbuf2.0 packages fix security vulnerabilities

Publication date: 02 Oct 2015
URL: http://advisories.mageia.org/MGASA-2015-0388.html
Type: security
Affected Mageia releases: 5
CVE: CVE-2015-7673,
     CVE-2015-7674

Description:
Updated gdk-pixbuf packages fix security vulnerabilities:

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf
before 2.32.0. This issue is triggered by the scaling of a malformed tga
format image and results in a potentially exploitable crash (CVE-2015-7673).

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf
before 2.32.1. This issue is triggered by the scaling of a malformed gif
format image (CVE-2015-7674).

References:
- https://bugs.mageia.org/show_bug.cgi?id=16869
- http://openwall.com/lists/oss-security/2015/10/02/9
- http://openwall.com/lists/oss-security/2015/10/02/10
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7673
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674

SRPMS:
- 5/core/gdk-pixbuf2.0-2.32.1-1.mga5
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds