Opened 9 years ago

Closed 9 years ago

#6835 closed enhancement (fixed)

gdk-pixbuf-2.31.6

Reported by: Fernando de Oliveira
Owned by: Fernando de Oliveira
Priority: high
Milestone: 7.8
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.31/gdk-pixbuf-2.31.6.tar.xz

http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.31/gdk-pixbuf-2.31.6.sha256sum

111203d6f295d69d36e7190204248331cd37285130ac483becdedcd3f0135d18

http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.31/gdk-pixbuf-2.31.6.news

2.31.6
======

* Really fix bug 752297. This is CVE-2015-4491
* Translation updates: Catalan

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491

Integer overflow in the make_filter_table function in pixops/pixops.c in
gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and
Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other
products, allows remote attackers to execute arbitrary code or cause a
denial of service (heap-based buffer overflow and application crash) via
crafted bitmap dimensions that are mishandled during scaling. 
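
The bug class named in the CVE text, as an added illustration that is not gdk-pixbuf's code: a table size derived from scaling dimensions is computed in 32 bits and wraps, so the buffer is smaller than the loop that fills it. The function names, the SUBSAMPLE value and the 64 MiB cap are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SUBSAMPLE 16u                    /* assumed sub-pixel phases per axis */
#define TABLE_LIMIT ((size_t)64 << 20)   /* assumed cap on table size: 64 MiB */

/* Unchecked: byte count computed in 32 bits, wraps silently modulo 2^32. */
static uint32_t table_bytes_unchecked(uint32_t n_x, uint32_t n_y)
{
    return SUBSAMPLE * SUBSAMPLE * n_x * n_y * (uint32_t)sizeof(int32_t);
}

/* Checked: multiply one factor at a time and refuse before any step could
 * exceed `limit`. Returns 0 and stores the size, or -1 to reject. */
static int table_bytes_checked(uint32_t n_x, uint32_t n_y, size_t limit,
                               size_t *out)
{
    const size_t factors[] = { SUBSAMPLE, SUBSAMPLE, n_x, n_y };
    size_t total = sizeof(int32_t);

    for (size_t i = 0; i < sizeof factors / sizeof factors[0]; i++) {
        if (factors[i] == 0 || total > limit / factors[i])
            return -1;                   /* empty table or over the cap */
        total *= factors[i];
    }
    *out = total;
    return 0;
}

int main(void)
{
    /* Constructed inputs: per-axis tap counts, small and very large. */
    const uint32_t cases[][2] = { {3, 3}, {4097, 4096}, {65536, 65536} };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        size_t safe = 0;
        int rc = table_bytes_checked(cases[i][0], cases[i][1], TABLE_LIMIT, &safe);
        printf("n_x=%u n_y=%u unchecked=%u bytes, checked=%s\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               (unsigned)table_bytes_unchecked(cases[i][0], cases[i][1]),
               rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```

For the second case the unchecked path reports 4 MiB for a table that needs about 16 GiB, which is the mismatch that turns into a heap overflow when the table is filled.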

Change History (2)

comment:1 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: new → assigned

Ticket  Summary
#6837   cups-filters-1.0.73
#6836   libdrm-2.4.64
#6835   gdk-pixbuf-2.31.6
#6834   ruby-2.2.3

comment:2 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assigned → closed
  • Update to ruby-2.2.3.
  • Update to gdk-pixbuf-2.31.6.
  • Update to libdrm-2.4.64.
  • Update to cups-filters-1.0.73.

Fixed at r16352.
