Описание
ELSA-2012-1181: gimp security update (MODERATE)
[2:2.2.13-2.0.7.el5_8.5]
- fix overflow in GIF loader (CVE-2012-3481)
[2:2.2.13-2.0.7.el5_8.4]
- fix overflows in PSD plugin (CVE-2009-3909, CVE-2012-3402)
- fix heap corruption and overflow in GIF plug-in (CVE-2011-2896)
- fix overflow in CEL plug-in (CVE-2012-3403)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
gimp
2.2.13-2.0.7.el5_8.5
gimp-devel
2.2.13-2.0.7.el5_8.5
gimp-libs
2.2.13-2.0.7.el5_8.5
Oracle Linux x86_64
gimp
2.2.13-2.0.7.el5_8.5
gimp-devel
2.2.13-2.0.7.el5_8.5
gimp-libs
2.2.13-2.0.7.el5_8.5
Oracle Linux i386
gimp
2.2.13-2.0.7.el5_8.5
gimp-devel
2.2.13-2.0.7.el5_8.5
gimp-libs
2.2.13-2.0.7.el5_8.5
Ссылки на источники
Связанные уязвимости
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD p ...
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.