Описание
Security update for gegl
This update for gegl fixes the following issues:
Security issue fixed:
- Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to ppm-load op (bsc#789835).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
gegl-0_2-0.2.0-14.3
gegl-0_2-lang-0.2.0-14.3
libgegl-0_2-0-0.2.0-14.3
SUSE Linux Enterprise Software Development Kit 12 SP2
gegl-devel-0.2.0-14.3
libgegl-0_2-0-0.2.0-14.3
SUSE Linux Enterprise Workstation Extension 12 SP2
gegl-0_2-0.2.0-14.3
gegl-0_2-lang-0.2.0-14.3
libgegl-0_2-0-0.2.0-14.3
Ссылки
- Link for SUSE-SU-2017:0694-1
- E-Mail link for SUSE-SU-2017:0694-1
- SUSE Security Ratings
- SUSE Bug 789835
- SUSE CVE CVE-2012-4433 page
Описание
Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:gegl-0_2-0.2.0-14.3
SUSE Linux Enterprise Desktop 12 SP2:gegl-0_2-lang-0.2.0-14.3
SUSE Linux Enterprise Desktop 12 SP2:libgegl-0_2-0-0.2.0-14.3
SUSE Linux Enterprise Software Development Kit 12 SP2:gegl-devel-0.2.0-14.3
Ссылки
- CVE-2012-4433
- SUSE Bug 1023636
- SUSE Bug 1028070
- SUSE Bug 1089725
- SUSE Bug 789835