SUSE-SU-2016:1481-1

Published: 03 Jun 2016
Source: suse-cvrf

Description

Security update for imlib2

This update for imlib2 fixes the following issues:

Security issues fixed:

  • CVE-2016-3994: Potential DoS in giflib loader (bsc#973759)
  • CVE-2016-3993: Off by 1 in merge update (bsc#973761)
  • CVE-2014-9764: fix segmentation fault when opening specifically crafted input (bsc#963797)
  • CVE-2014-9763: Prevent division-by-zero crashes (bsc#963800)
  • CVE-2011-5326: Ellipse of width 1 triggers crashes (bsc#974202)

Bugs fixed:

  • bsc#977538: Fix various potential crashes

Package list

SUSE Linux Enterprise Software Development Kit 11 SP4
imlib2-1.4.2-2.20.1
imlib2-devel-1.4.2-2.20.1
imlib2-filters-1.4.2-2.20.1
imlib2-loaders-1.4.2-2.20.1

Description

imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.


Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-devel-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-filters-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-loaders-1.4.2-2.20.1

Description

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.


Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-devel-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-filters-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-loaders-1.4.2-2.20.1

Description

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.


Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-devel-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-filters-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-loaders-1.4.2-2.20.1

Description

Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.


Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-devel-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-filters-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-loaders-1.4.2-2.20.1

Description

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.


Affected products
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-devel-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-filters-1.4.2-2.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4:imlib2-loaders-1.4.2-2.20.1
