Bugtraq: [SECURITY] [DSA 3589-1] gdk-pixbuf security update

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

- ------------------------------------------------------------------------

-

Debian Security Advisory DSA-3589-1 security (at) debian (dot) org [email concealed]

http://ift.tt/1kZ5swi Salvatore Bonaccorso

May 30, 2016 http://ift.tt/1S3Txy1

- ------------------------------------------------------------------------

-

Package : gdk-pixbuf

CVE ID : CVE-2015-7552 CVE-2015-8875

Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit

for image loading and pixel buffer manipulation. A remote attacker can

take advantage of these flaws to cause a denial-of-service against an

application using gdk-pixbuf (application crash), or potentially, to

execute arbitrary code with the privileges of the user running the

application, if a malformed image is opened.

For the stable distribution (jessie), these problems have been fixed in

version 2.31.1-2+deb8u5.

We recommend that you upgrade your gdk-pixbuf packages.

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: http://ift.tt/1kZ5swi

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

iQIcBAEBCgAGBQJXTIJKAAoJEAVMuPMTQ89EJTMP/0lZOykSdff1w5R2cEb34bmB

WzK7oNsvmehDtH59FHdQjmH/KT7RDtQibeAnLPwfDkqtvix76xVthysvdUdloiIT

5kYLc1M8oXomFEkO5/x6Nsfl/LfG7gZbDPWv8hdiAQNVCz6cFqVCVNZdOTPbIkCJ

jhiCrHYMp0eRs0k7C0OsbWQfIlLlbaXgre1MZiRSUd+lyb6XyvVNPkWZ540MVCaN

2++1QhfopCsx1Ts1ImG8wiPQohXPFCBgfYmGf1pq0KonMTfigNNf8BccchA6fBRv

4ikP0OOVq0+fPYLCVT4COFHEYa24nshdSRsD0hADd5P3zC5rsS6k9j2NgQIYZPPa

p4opW2QAK8dIW/sFdPme7G9+wmhtnini+hHCcoYQsJsXeNU8wc2/HF8X1FjfW0Mz

xQ+1gADG3CllFJZi4x6IhWPxOHufnu156nwu2vxO2oCZde9edSpB86IUKxd/l2Br

Rra2dBkhj9ZcH3sai4Gx5q5S+oeKCvZoRoT+eVyK5uouGvqPY9urmf8yW8bRhyu0

Fa+bp8KdrYQuyWSCa31Y0vS+gH9JXs6hBTbDLmcUcY8RpcCDgTrdPQdrwfOVQlu7

IpOuPff+zlipYo/E236Mzuf6Aww3x7A98DS2XTX2zoS0CuJyrXcI0abIkWJYvWOb

6TaO9/LyDrmvGv753VM2

=F1mf

-----END PGP SIGNATURE-----

[ reply ]


from SecurityFocus Vulnerabilities http://ift.tt/1VqLwqX