[ubuntu/trusty-security] gdk-pixbuf 2.30.7-0ubuntu1.6 (Accepted)
Emily Ratliff
emily.ratliff at canonical.com
Wed Sep 21 18:13:29 UTC 2016
gdk-pixbuf (2.30.7-0ubuntu1.6) trusty-security; urgency=medium
* SECURITY UPDATE: Fix a write out-of-bounds error parsing a malicious ico
- debian/patches/CVE-2016-6352.patch: Be more careful when parsing ico
headers. Based on upstream patch.
- Thanks to Franco Costantini for discovering this issue using QuickFuzz.
- CVE-2016-6352
* SECURITY UPDATE: Fix a heap-based buffer overflow
- debian/patches/CVE-2015-7552.patch: Protect against overflow. Based on
upstream patches.
- CVE-2015-7552
* SECURITY UPDATE: Fix multiple integer overflows
- debian/patches/CVE-2015-8875.patch: use gint64 in more places to avoid
overflow when shifting
- CVE-2015-8875
Date: 2016-09-21 15:10:13.071365+00:00
Changed-By: Emily Ratliff <emily.ratliff at canonical.com>
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.30.7-0ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list