Debian Long Term Support / LTS Security Information / 2016 / Security Information -- DLA-419-1 gtk+2.0

Debian Security Advisory

DLA-419-1 gtk+2.0 -- LTS security update

Date Reported:

17 Feb 2016

Affected Packages:

gtk+2.0

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 799275.
In Mitre's CVE dictionary: CVE-2013-7447.

More information:

Gtk+2.0, a graphical user interface library, was susceptible to an integer overflow in its gdk_cairo_set_source_pixbuf function when allocating a large block of memory.

For Debian 6 Squeeze, this issue has been fixed in gtk+2.0 version 2.20.1-2+deb6u1. We recommend you to upgrade your gtk+2.0 packages.