Описание
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues:
- CVE-2022-48622: Fixed files rejection with multiple anih chunks (bsc#1219276).
Список пакетов
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAP-BYOS-Azure
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAP-BYOS-GCE
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAPCAL-Azure
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAPCAL-EC2-HVM
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP3-SAPCAL-GCE
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
SUSE Enterprise Storage 7.1
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise Micro 5.2
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise Server 15 SP2-LTSS
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise Server 15 SP3-LTSS
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
gdk-pixbuf-devel-2.40.0-150200.3.12.1
gdk-pixbuf-lang-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1
gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1
typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1
typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1
Ссылки
- Link for SUSE-SU-2024:1842-1
- E-Mail link for SUSE-SU-2024:1842-1
- SUSE Security Ratings
- SUSE Bug 1219276
- SUSE CVE CVE-2022-48622 page
Описание
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1
Ссылки
- CVE-2022-48622
- SUSE Bug 1219276
- SUSE Bug 1220293