Univention Bugzilla – Bug 39562
gdk-pixbuf: Denial of Service (4.0)
Last modified: 2019-04-11 19:25:00 CEST
The following issues have been discovered in gdk-pixbuf:
* Heap overflow and DoS with a tga file (CVE-2015-7673)
* Heap overflow with a gif file (CVE-2015-7674)

+++ This bug was initially created as a clone of Bug #28183 +++
Debian upstream package version 2.26.1-1+deb7u1 fixes this issue:
* gdk-pixbuf heap overflow and DoS (CVE-2015-4491)
Fixed in 2.26.1-1+deb7u4:
* Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file. (CVE-2015-7552)
CVE-2015-7674 is fixed properly in that version too.
The Jessie version 2.31.1-2+deb8u5 also fixes
* Integer overflows in pixops_* functions (CVE-2015-8875)
but the Wheezy version 2.26.1-1+deb7u4 doesn't show it in the changelog; the Debian Security tracker claims it as fixed in wheezy security though. A bit unclear..
UCS 4.0 is out of maintenance. See Blocks field for the UCS 4.1 specific bug.