[ubuntu/trusty-security] gdk-pixbuf 2.30.7-0ubuntu1.6 (Accepted)

Emily Ratliff Wed, 21 Sep 2016 11:14:02 -0700

gdk-pixbuf (2.30.7-0ubuntu1.6) trusty-security; urgency=medium

  * SECURITY UPDATE: Fix a write out-of-bounds error parsing a malicious ico
    - debian/patches/CVE-2016-6352.patch: Be more careful when parsing ico
      headers. Based on upstream patch.
    - Thanks to Franco Costantini for discovering this issue using QuickFuzz.
    - CVE-2016-6352
  * SECURITY UPDATE: Fix a heap-based buffer overflow
    - debian/patches/CVE-2015-7552.patch: Protect against overflow. Based on
      upstream patches.
    - CVE-2015-7552
  * SECURITY UPDATE: Fix multiple integer overflows
    - debian/patches/CVE-2015-8875.patch: use gint64 in more places to avoid
      overflow when shifting
    - CVE-2015-8875


Date: 2016-09-21 15:10:13.071365+00:00
Changed-By: Emily Ratliff <emily.ratl...@canonical.com>
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.30.7-0ubuntu1.6

Sorry, changesfile not available.

-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] gdk-pixbuf 2.30.7-0ubuntu1.6 (Accepted)

Reply via email to