ALT-BU-2018-3197-1
Branch sisyphus update bulletin.
Package libgdk-pixbuf updated to version 2.36.12-alt1 for branch sisyphus in task 203860.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2017-6312
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- 96779
- 96779
- https://bugzilla.gnome.org/show_bug.cgi?id=779012
- https://bugzilla.gnome.org/show_bug.cgi?id=779012
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- FEDORA-2020-418ce730df
- FEDORA-2020-418ce730df
- FEDORA-2020-a718b79006
- FEDORA-2020-a718b79006
- GLSA-201709-08
- GLSA-201709-08
Modified: 2024-11-21
CVE-2017-6313
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- 96779
- 96779
- https://bugzilla.gnome.org/show_bug.cgi?id=779016
- https://bugzilla.gnome.org/show_bug.cgi?id=779016
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- FEDORA-2020-418ce730df
- FEDORA-2020-418ce730df
- FEDORA-2020-a718b79006
- FEDORA-2020-a718b79006
- GLSA-201709-08
- GLSA-201709-08
Modified: 2024-11-21
CVE-2017-6314
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170221 CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- [oss-security] 20170226 Re: CVE Request - Multiple vulnerabilities in gdk-pixbuf
- 96779
- 96779
- https://bugzilla.gnome.org/show_bug.cgi?id=779020
- https://bugzilla.gnome.org/show_bug.cgi?id=779020
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- [debian-lts-announce] 20191219 [SECURITY] [DLA 2043-1] gdk-pixbuf security update
- FEDORA-2020-418ce730df
- FEDORA-2020-418ce730df
- FEDORA-2020-a718b79006
- FEDORA-2020-a718b79006
- GLSA-201709-08
- GLSA-201709-08
Closed bugs
Не локализован интерфейс