Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update


Chronologisch Thread 
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update
  • Date: Mon, 15 Jan 2018 20:59:55 +0100
  • List-archive: https://lists.debian.org/msgid-search/20180115195955.GA4362 AT pisco.westfalen.local
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <jmm AT inutil.org>
  • Priority: urgent
  • Resent-date: Mon, 15 Jan 2018 20:00:17 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <A9OwYOek00M.A.sHE.RhQXaB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4088-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : gdk-pixbuf
CVE ID : CVE-2017-1000422

It was discovered that multiple integer overflows in the GIF image loader
in the GDK Pixbuf library may result in denial of service and potentially
the execution of arbitrary code if a malformed image file is opened.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.31.1-2+deb8u7.

For the stable distribution (stretch), this problem has been fixed in
version 2.36.5-2+deb9u2. In addition this update provides fixes for
CVE-2017-6312, CVE-2017-6313 and CVE-2017-6314.

We recommend that you upgrade your gdk-pixbuf packages.

For the detailed security status of gdk-pixbuf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gdk-pixbuf

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlpdB9wACgkQEMKTtsN8
TjbZNw/9HC6/7XcvtoNhCLhlrOwZKsBbJpeDoZq4C4NsRWeDKEs+ECu5HeeCK/oa
s5idrv15kq6Ikb4kayi4hlYMorD4NzAU8yGEfItAhIvvLCmgmYG8mjkGN6yrZLjJ
2LZAGIJBeiAoh3rVwQsC2b+y/WS/6N5iicMCvP9IqSqTamhYzB6OXOUb4K0Jb18n
VLCBCV6WjHDLt3auW05diVhhrCSV1tdqij/imc3RgELx51thBdHDQ/0Yobu8Kc/g
gEPq/+2ynH1BrIwffcZMy/r4cCb8xuGj4SAaF4r7ic7ouU/+Me2Exg0C1KRkc9sC
/5174PS4AOadKpT9vqkNef2ux6VVUbegAbmv2/kbrf3hyk8lPY3vcl2rd+S+LF24
aWxLcHAwG9jeZ2JRGg4XLEl54sXMtzFN847cLIuOmnNTsPy3bGNCi+hHLpH9EKaZ
4KCHLa8DtTpx69xmaDpiqWOiCMUr66dfGaz9N5jiZkOJfS2rlg1wqdaJJ28bcnAs
5szrrT59GeUjp7IUgxDAgVFGMBnRle+58SsjJaS8IfMZj6oP5Cmpje7RS68pe37i
91L8YZgWEc9Xnq4BR74njKyBirt4yGR3+JaSmJzAaWc+TxbRJlkm3f0vZ1yQLcNm
Ww2WI/D9mZ40SyTY/fVfNcWoBCuRL9XTFDvAp8Z93KRY3G6rz1w=
=QqcC
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update, Moritz Muehlenhoff, 15.01.2018

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang