Download
| Alert*
oval:org.secpod.oval:def:89002215
This update for gtk2 provides the following fixes: These security issues were fixed: - CVE-2017-6312: Prevent integer overflow that allowed context-dependent attackers to cause a denial of service via a crafted image entry offset in an ICO file . - CVE-2017-6314: The make_available_at_least functio ... oval:org.secpod.oval:def:89044989 This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability - CVE-2017-2870: tiff_image_parse Code Execution Vulnerability - CVE-2017-6313: A dangerous integer underflow in io-icns.c - CVE-2017-6314: Infinite loop ... oval:org.secpod.oval:def:1800849 CVE-2017-6311: NULL dereference on gdk-pixbuf thumbnailer. oval:org.secpod.oval:def:1800909 CVE-2017-6311: NULL dereference on gdk-pixbuf thumbnailer oval:org.secpod.oval:def:117781 MinGW Windows GDK Pixbuf library. oval:org.secpod.oval:def:117760 MinGW Windows GDK Pixbuf library. oval:org.secpod.oval:def:704236 gdk-pixbuf: GDK Pixbuf library Several security issues were fixed in GDK-PixBuf. oval:org.secpod.oval:def:1900395 Integer overflow in io-ico.c in libgdk-pixbuf2.0-dev allows context-dependent attackers to cause a denial of service via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. oval:org.secpod.oval:def:52103 gdk-pixbuf: GDK Pixbuf library Several security issues were fixed in GDK-PixBuf. oval:org.secpod.oval:def:1800352 CVE-2017-6311: NULL dereference on gdk-pixbuf thumbnailer; oval:org.secpod.oval:def:53228 It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened. |