it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update
- Date: Mon, 15 Jan 2018 20:59:55 +0100
- List-archive: https://lists.debian.org/msgid-search/20180115195955.GA4362 AT pisco.westfalen.local
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-return-path: <jmm AT inutil.org>
- Priority: urgent
- Resent-date: Mon, 15 Jan 2018 20:00:17 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <A9OwYOek00M.A.sHE.RhQXaB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4088-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 15, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gdk-pixbuf
CVE ID : CVE-2017-1000422
It was discovered that multiple integer overflows in the GIF image loader
in the GDK Pixbuf library may result in denial of service and potentially
the execution of arbitrary code if a malformed image file is opened.
For the oldstable distribution (jessie), this problem has been fixed
in version 2.31.1-2+deb8u7.
For the stable distribution (stretch), this problem has been fixed in
version 2.36.5-2+deb9u2. In addition this update provides fixes for
CVE-2017-6312, CVE-2017-6313 and CVE-2017-6314.
We recommend that you upgrade your gdk-pixbuf packages.
For the detailed security status of gdk-pixbuf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gdk-pixbuf
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlpdB9wACgkQEMKTtsN8
TjbZNw/9HC6/7XcvtoNhCLhlrOwZKsBbJpeDoZq4C4NsRWeDKEs+ECu5HeeCK/oa
s5idrv15kq6Ikb4kayi4hlYMorD4NzAU8yGEfItAhIvvLCmgmYG8mjkGN6yrZLjJ
2LZAGIJBeiAoh3rVwQsC2b+y/WS/6N5iicMCvP9IqSqTamhYzB6OXOUb4K0Jb18n
VLCBCV6WjHDLt3auW05diVhhrCSV1tdqij/imc3RgELx51thBdHDQ/0Yobu8Kc/g
gEPq/+2ynH1BrIwffcZMy/r4cCb8xuGj4SAaF4r7ic7ouU/+Me2Exg0C1KRkc9sC
/5174PS4AOadKpT9vqkNef2ux6VVUbegAbmv2/kbrf3hyk8lPY3vcl2rd+S+LF24
aWxLcHAwG9jeZ2JRGg4XLEl54sXMtzFN847cLIuOmnNTsPy3bGNCi+hHLpH9EKaZ
4KCHLa8DtTpx69xmaDpiqWOiCMUr66dfGaz9N5jiZkOJfS2rlg1wqdaJJ28bcnAs
5szrrT59GeUjp7IUgxDAgVFGMBnRle+58SsjJaS8IfMZj6oP5Cmpje7RS68pe37i
91L8YZgWEc9Xnq4BR74njKyBirt4yGR3+JaSmJzAaWc+TxbRJlkm3f0vZ1yQLcNm
Ww2WI/D9mZ40SyTY/fVfNcWoBCuRL9XTFDvAp8Z93KRY3G6rz1w=
=QqcC
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4088-1] gdk-pixbuf security update, Moritz Muehlenhoff, 15.01.2018
Archiv bereitgestellt durch MHonArc 2.6.19.