Описание
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues:
- CVE-2015-7552: Fixed various overflows in image handling (boo#958963).
- CVE-2015-7673: Fixed an overflow and DoS with a TGA file (boo#948790).
- CVE-2015-7674: Fixed overflow when scaling a gif (boo#948791).
Список пакетов
openSUSE Leap 42.1
Ссылки
- E-Mail link for openSUSE-SU-2016:1467-1
- SUSE Security Ratings
Описание
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.
Затронутые продукты
Ссылки
- CVE-2015-7552
- SUSE Bug 958963
Описание
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
Затронутые продукты
Ссылки
- CVE-2015-7673
- SUSE Bug 948790
Описание
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
Затронутые продукты
Ссылки
- CVE-2015-7674
- SUSE Bug 948791