Joined: 12 May 2004
|Posted: Mon Dec 21, 2015 3:26 pm Post subject: [ GLSA 201512-05 ] gdk-pixbuf
|Gentoo Linux Security Advisory
Title: gdk-pixbuf: Multiple Vulnerabilities (GLSA 201512-05)
Date: December 21, 2015
Bug(s): #556314, #562878, #562880
Multiple buffer overflow vulnerabilities in gdk-pixbuf may allow
remote attackers to execute arbitrary code or cause Denial of Service.
gdk-pixbuf is an image loading library for GTK+.
Vulnerable: < 2.32.1
Unaffected: >= 2.32.1
Architectures: All supported architectures
Three heap-based buffer overflow vulnerabilities have been discovered in
gdk-pixbuf. Please review the CVE identifiers referenced below for
A remote attacker could entice a user to open a specially crafted image
file with an application linked against gdk-pixbuf, possibly resulting in
execution of arbitrary code with the privileges of the process or a
Denial of Service condition.
There is no known workaround at this time.
All gdk-pixbuf users should upgrade to the latest version:
Packages which depend on this library may need to be recompiled. Tools
|# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/gdk-pixbuf-2.32.1"
such as revdep-rebuild may assist in identifying these packages.