Advisories » MGASA-2024-0312

Updated gtk+2.0 and gtk+3.0 packages fix security vulnerability

Publication date: 25 Sep 2024
Modification date: 25 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6655

Description

A flaw was found in the GTK library. Under certain conditions, it is
possible for a library to be injected into a GTK application from the
current working directory. (CVE-2024-6655)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33409
• https://ubuntu.com/security/notices/USN-6899-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6655

SRPMS

9/core

• gtk+2.0-2.24.33-5.1.mga9
• gtk+3.0-3.24.38-1.1.mga9