Advisories » MGASA-2018-0090

Updated gdk-pixbuf2.0 packages fix security vulnerability

Publication date: 21 Jan 2018
Modification date: 21 Jan 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-1000422

Description

Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer
overflow in the gif_get_lzw function resulting in memory corruption and
potential code execution (CVE-2017-1000422).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22422
• https://www.debian.org/security/2018/dsa-4088
• https://usn.ubuntu.com/usn/usn-3532-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000422

SRPMS

5/core

• gdk-pixbuf2.0-2.32.3-1.2.mga5