Updated gtk+2.0 packages fix CVE-2013-7447
Publication date: 17 Feb 2016Modification date: 17 Feb 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2013-7447
Description
Updated gtk+2.0 packages fix security vulnerability:
Due to a logic error, an attempt to allocate a large block of memory
fails in gdk_cairo_set_source_pixbuf, leading to a crash of the app
that called it, for example, eom (CVE-2013-7447).
References
- https://bugs.mageia.org/show_bug.cgi?id=17738
- https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1540811
- https://github.com/mate-desktop/eom/issues/93
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799275
- https://bugzilla.gnome.org/show_bug.cgi?id=703220
- https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
- http://openwall.com/lists/oss-security/2016/02/10/2
- https://bugs.mageia.org/show_bug.cgi?id=17731
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447
SRPMS
5/core
- gtk+2.0-2.24.26-3.mga5