This update for gtk2 provides the following fixes: These security issues were fixed: - CVE-2017-6312: Prevent integer overflow that allowed context-dependent attackers to cause a denial of service via a crafted image entry offset in an ICO file . - CVE-2017-6314: The make_available_at_least function allowed context-dependent attackers to cause a denial of service via a large TIFF file . - CVE-2017-6313: Prevent integer underflow in the load_resources function that allowed context-dependent attackers to cause a denial of service via a crafted image entry size in an ICO file . - CVE-2017-2862: Prevent heap overflow in the gdk_pixbuf__jpeg_image_load_increment function. A specially crafted jpeg file could have caused a heap overflow resulting in remote code execution - CVE-2017-2870: Prevent integer overflow in the tiff_image_parse functionality. A specially crafted tiff file could have caused a heap-overflow resulting in remote code execution . This non-security issue was fixed: - Prevent an infinite loop when a window is destroyed while traversed .