[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 501-1] gdk-pixbuf security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gdk-pixbuf
Version        : 2.26.1-1+deb7u5
CVE ID         : CVE-2015-7552


It was discovered that the original fix for CVE-2015-7552 (DLA-450-1)
was incomplete.

A heap-based buffer overflow in gdk-pixbuf, a library for image
loading and saving facilities, fast scaling and compositing of
pixbufs, allows remote attackers to cause a denial of service or
possibly execute arbitrary code via a crafted BMP file.

For Debian 7 "Wheezy", these problems have been fixed in version
2.26.1-1+deb7u5.

We recommend that you upgrade your gdk-pixbuf packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXT9fNXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkwFwQAI+wK8XRK2oZKsAXAq/Q1jPd
7cWKUR5yVvvgxpzjrLAdtzuBzTCJjI6xKvd/BCVzEmpxUZENXzlprlOMWLso9QZo
NGF+t/9Jueg2whcufFKpebveM3cwUoVQ8TiTSxJai7ND/cyZibt+4R/V/moTroXO
+DKYGlRKN3iNoYRyQX3W40jnSyjwGt/3ZjJ5AecSuei7biYYlC5FGUY9Pnd3pts8
2q0gDFnQjahAyySC4Esx3etdOusELoktDqD10RSkrfYYLbCavi7I6Aid/25u/W5S
MrBFhdEvzCe7rW0lwIuI3bWykwJyHLIpAxntraVGrFQSNt29PVdPhZEceF61LgZG
Jn6sGNCoAL0wj9BF7gtbU9qNmoD9/XHtkjaCBtAVfL0psFwp2ZMjQU5ZzG4F/TnI
18qcF5iogCV2cv3lxTwJvUFBPvwwVtKS+ktSUSMeu6PXg/+VAhy48JdFqHYzPXZF
dCQRXgNOOCWvfhHOa8E+DCn4y/f34vC+AEKNf8bkr6MD2f7hijEn2RSWq3ptMd1b
hPo3WuAvDvUbpfAId1MXidfkRBjTxRRCuciyP2kwbkNZ3lHW6xm1vqEO44PS9fMC
pzLRXzo0ERh1IssJfFRtgyzv2OUDidAZzw7u210uPJY8uh4525LirbTaN9h5eW9I
hOA2qMhZ/D7NTj4W6xcU
=CBPA
-----END PGP SIGNATURE-----


Reply to: