Описание
Security update for gtk2
This update for gtk2 fixes the following issues:
- CVE-2013-7447: Avoid an overflow when allocating a cairo pixbuf (bsc#966682).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
gtk2-lang-2.24.24-3.1
gtk2-tools-2.24.24-3.1
gtk2-tools-32bit-2.24.24-3.1
libgtk-2_0-0-2.24.24-3.1
libgtk-2_0-0-32bit-2.24.24-3.1
typelib-1_0-Gtk-2_0-2.24.24-3.1
SUSE Linux Enterprise Server 12 SP1
gtk2-lang-2.24.24-3.1
gtk2-tools-2.24.24-3.1
gtk2-tools-32bit-2.24.24-3.1
libgtk-2_0-0-2.24.24-3.1
libgtk-2_0-0-32bit-2.24.24-3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
gtk2-lang-2.24.24-3.1
gtk2-tools-2.24.24-3.1
gtk2-tools-32bit-2.24.24-3.1
libgtk-2_0-0-2.24.24-3.1
libgtk-2_0-0-32bit-2.24.24-3.1
SUSE Linux Enterprise Software Development Kit 12 SP1
gtk2-devel-2.24.24-3.1
typelib-1_0-Gtk-2_0-2.24.24-3.1
SUSE Linux Enterprise Workstation Extension 12 SP1
typelib-1_0-Gtk-2_0-2.24.24-3.1
Ссылки
- Link for SUSE-SU-2016:2550-1
- E-Mail link for SUSE-SU-2016:2550-1
- SUSE Security Ratings
- SUSE Bug 966682
- SUSE CVE CVE-2013-7447 page
Описание
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:gtk2-lang-2.24.24-3.1
SUSE Linux Enterprise Desktop 12 SP1:gtk2-tools-2.24.24-3.1
SUSE Linux Enterprise Desktop 12 SP1:gtk2-tools-32bit-2.24.24-3.1
SUSE Linux Enterprise Desktop 12 SP1:libgtk-2_0-0-2.24.24-3.1
Ссылки
- CVE-2013-7447
- SUSE Bug 966682