[SECURITY] DLA-2066-1 gthumb security update

[Abhijith PA <abhijith@disroot.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gthumb
Version        : 3:3.3.1-2.1+deb8u2
CVE ID         : CVE-2019-20326


A heap-based buffer overflow in
_cairo_image_surface_create_from_jpeg() in
extensions/cairo_io/cairo-image-surface-jpeg.c in gThumb and Pix
allows attackers to cause a crash and potentially execute arbitrary
code via a crafted JPEG file.

For Debian 8 "Jessie", this problem has been fixed in version
3:3.3.1-2.1+deb8u2.

We recommend that you upgrade your gthumb packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAl4dgy8ACgkQhj1N8u2c
KO95sw/8DY54i6Ax4oaEbsJLpY+pxDHqHnQwHU5wxIYXDBdtI2JH99hAw+3i8UCw
h8Hwr7OOMd4guFbwyacqfxIr1kUWxsNTAwMBnZYAOq8dW84bYBytEY90QhXtPYMf
jGgqXqnydQjuxqvDdHAoABj1AWRHf/nLlWCg9IHT5xq/0D1Xnj2SLNJPQwn/7nI9
BAP7IYKld8MaKDIkMq3SMQE/AuAV4Irsvwne1zOSnLwWYzSrovpwexmnzZc1Q/No
rPqBhgUXzUP9O56e/wSDzxxU9R/w7Ys+kIXXBPiZihnPHAB39SEqJRjfLjRnuQAE
waF0lol9BTq35HC2uHKuxOictG2pH6OUUhNZMDiOFsMSyZsvYduGHutCb2D2gxBp
LkiHTVmI4NUgEVIsas2cRI2CqRoFxq4YkaS7BGiRGRgPmrDMVXdPZcEc7923SEyN
LFA0/GlY54OgGS2OM34Mf/nGu43hCdwtUA133GzGSXWK3A2rl3tffcmF8ixE++1P
HVMSzjbn6nJ8NN45zP1+KyuyjQqmbGHt3tZnPjmcK9xCDOLjFkXKEu59u2pNiq8K
86YHUfLiWGkk+UyKzCB4w1Ce0uvWIRQ5rGIUBp7EPkjnkKINUtHP9q5C7O4i/SUR
mFQWV5D/H2OV4UMPxzF9eBxa2own8y+0nt9nJTHOkOE/Bv/fMdE=
=Jt6M
-----END PGP SIGNATURE-----