Описание
Security update for gimp
gimp was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-4994: Use-after-free vulnerabilities in the channel and layer properties parsing process (bsc#986021).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
gimp-2.8.10-7.8
gimp-lang-2.8.10-7.8
gimp-plugins-python-2.8.10-7.8
libgimp-2_0-0-2.8.10-7.8
libgimpui-2_0-0-2.8.10-7.8
SUSE Linux Enterprise Software Development Kit 12 SP1
gimp-devel-2.8.10-7.8
libgimp-2_0-0-2.8.10-7.8
libgimpui-2_0-0-2.8.10-7.8
SUSE Linux Enterprise Workstation Extension 12 SP1
gimp-2.8.10-7.8
gimp-lang-2.8.10-7.8
gimp-plugins-python-2.8.10-7.8
libgimp-2_0-0-2.8.10-7.8
libgimpui-2_0-0-2.8.10-7.8
Ссылки
- Link for SUSE-SU-2016:1962-1
- E-Mail link for SUSE-SU-2016:1962-1
- SUSE Security Ratings
- SUSE Bug 986021
- SUSE CVE CVE-2016-4994 page
Описание
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:gimp-2.8.10-7.8
SUSE Linux Enterprise Desktop 12 SP1:gimp-lang-2.8.10-7.8
SUSE Linux Enterprise Desktop 12 SP1:gimp-plugins-python-2.8.10-7.8
SUSE Linux Enterprise Desktop 12 SP1:libgimp-2_0-0-2.8.10-7.8
Ссылки
- CVE-2016-4994
- SUSE Bug 986021