Bug 39562 - gdk-pixbuf: Denial of Service (4.0)
Status: CLOSED WONTFIX
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.0
Hardware: Other Linux
Importance: P4 normal
Target Milestone: UCS 4.0-x-errata
Assigned To: Security maintainers
Depends on:
Blocks: 39563
Reported: 2015-10-15 15:51 CEST by Arvid Requate
Modified: 2019-04-11 19:25 CEST (History)
0 users

Bug group (optional): Security
requate: Patch_Available+


Description Arvid Requate univentionstaff 2015-10-15 15:51:59 CEST
The following issues have been discovered in gdk-pixbuf:

* Heap overflow and DoS with a tga file (CVE-2015-7673)
* Heap overflow with a gif file (CVE-2015-7674)

+++ This bug was initially created as a clone of Bug #28183 +++
Comment 1 Arvid Requate univentionstaff 2015-10-15 16:01:51 CEST
Debian upstream package version 2.26.1-1+deb7u1 fixes this issue:

* gdk-pixbuf heap overflow and DoS (CVE-2015-4491)
Comment 2 Arvid Requate univentionstaff 2016-05-03 15:48:10 CEST
Fixed in 2.26.1-1+deb7u4:

* Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file. (CVE-2015-7552)
Comment 3 Arvid Requate univentionstaff 2016-05-31 12:44:54 CEST
CVE-2015-7674 is fixed properly in that version too.

The Jessie version 2.31.1-2+deb8u5 also fixes

* Integer overflows in pixops_* functions (CVE-2015-8875)

but the Wheezy version 2.26.1-1+deb7u4 doesn't show it in the changelog; the Debian Security tracker claims it as fixed in wheezy security, though. A bit unclear.
Comment 4 Arvid Requate univentionstaff 2016-06-01 19:11:30 CEST
UCS 4.0 is out of maintenance. See Blocks field for the UCS 4.1 specific bug.