openSUSE-SU-2018:2287-1

Опубликовано: 09 авг. 2018

Источник: suse-cvrf

Описание

Security update for gdk-pixbuf

This update for gdk-pixbuf fixes the following issues:

Security issue fixed:

CVE-2015-4491: Fix integer multiplication overflow that allows for DoS or potentially RCE (bsc#1053417).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.3

gdk-pixbuf-2.34.0-19.1

gdk-pixbuf-devel-2.34.0-19.1

gdk-pixbuf-devel-32bit-2.34.0-19.1

gdk-pixbuf-lang-2.34.0-19.1

gdk-pixbuf-query-loaders-2.34.0-19.1

gdk-pixbuf-query-loaders-32bit-2.34.0-19.1

libgdk_pixbuf-2_0-0-2.34.0-19.1

libgdk_pixbuf-2_0-0-32bit-2.34.0-19.1

typelib-1_0-GdkPixbuf-2_0-2.34.0-19.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00033.html
E-Mail link for openSUSE-SU-2018:2287-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

Затронутые продукты

openSUSE Leap 42.3:gdk-pixbuf-2.34.0-19.1

openSUSE Leap 42.3:gdk-pixbuf-devel-2.34.0-19.1

openSUSE Leap 42.3:gdk-pixbuf-devel-32bit-2.34.0-19.1

openSUSE Leap 42.3:gdk-pixbuf-lang-2.34.0-19.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-4491.html
CVE-2015-4491
https://bugzilla.suse.com/940806
SUSE Bug 940806
https://bugzilla.suse.com/942801
SUSE Bug 942801
https://bugzilla.suse.com/948790
SUSE Bug 948790

openSUSE-SU-2018:2287-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2015-4491

Описание

Затронутые продукты

Ссылки