Updated gdk-pixbuf2.0 packages fix security vulnerability
Publication date: 01 Nov 2022Modification date: 01 Nov 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-44648
Description
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow
vulnerability when decoding the lzw compressed stream of image data in GIF
files with lzw minimum code size equals to 12. (CVE-2021-44648)
References
- https://bugs.mageia.org/show_bug.cgi?id=30045
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LAG7HNTW3KWGP2EF5FBPHDA3R5UPDYZY/
- https://www.debian.org/security/2022/dsa-5228
- https://ubuntu.com/security/notices/USN-5607-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44648
SRPMS
8/core
- gdk-pixbuf2.0-2.42.2-1.2.mga8