Debian Security Advisory
DSA-3337-1 gdk-pixbuf -- security update
- Date Reported:
- 18 Aug 2015
- Affected Packages:
- gdk-pixbuf
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-4491.
- More information:
-
Gustavo Grieco discovered a heap overflow in the processing of BMP images which may result in the execution of arbitrary code if a malformed image is opened.
For the oldstable distribution (wheezy), this problem has been fixed in version 2.26.1-1+deb7u3.
For the stable distribution (jessie), this problem has been fixed in version 2.31.1-2+deb8u4.
For the testing distribution (stretch), this problem has been fixed in version 2.31.7-1.
For the unstable distribution (sid), this problem has been fixed in version 2.31.7-1.
We recommend that you upgrade your gdk-pixbuf packages.