Updated imlib2 packages fix security vulnerabilities
Publication date: 13 Apr 2016Modification date: 13 Apr 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-3993 , CVE-2016-3994 , CVE-2011-5326
Description
Updated imlib2 packages fix security vulnerabilities: An out-of-bounds read caused by an off-by-one error in __imlib_MergeUpdate() in src/lib/updates.c in imlib2 1.4.8 and earlier (CVE-2016-3993). An out-of-bounds read from colormap in the GIF loader in imlib2 1.4.8 and earlier can result in denial of service and potential host memory exposure (CVE-2016-3994). Attempting to draw a 2x1 ellipse with e.g. imlib_image_draw_ellipse(x, y, 2, 1) causes a divide-by-zero in imlib2 1.4.8 and earlier, resulting in a denial of service if an application uses the draw command with untrusted input (CVE-2011-5326).
References
- https://bugs.mageia.org/show_bug.cgi?id=18183
- http://openwall.com/lists/oss-security/2016/04/10/3
- http://openwall.com/lists/oss-security/2016/04/10/4
- http://openwall.com/lists/oss-security/2016/04/11/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3993
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3994
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5326
SRPMS
5/core
- imlib2-1.4.8-1.mga5