Univention Bugzilla – Bug 39563
gdk-pixbuf: Denial of Service (4.1)
Last modified: 2019-04-11 19:23:25 CEST
The following issues have been discovered in gdk-pixbuf:
* Heap overflow and DoS with a tga file (CVE-2015-7673)
* Heap overflow with a gif file (CVE-2015-7674)

+++ This bug was initially created as a clone of Bug #39562 +++
Debian upstream package version 2.26.1-1+deb7u1 fixes this issue:
* gdk-pixbuf heap overflow and DoS (CVE-2015-4491)
Fixed in 2.26.1-1+deb7u4:
* Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file. (CVE-2015-7552)
CVE-2015-7674 is fixed properly in that version too. The Jessie version 2.31.1-2+deb8u5 also fixes
* Integer overflows in pixops_* functions (CVE-2015-8875)
but the Wheezy version 2.26.1-1+deb7u4 doesn't show it in the changelog; the Debian Security tracker claims it as fixed in wheezy security though. A bit unclear..
2.26.1-1+deb7u6 fixed CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability
This issue has been filed against UCS 4.1. UCS 4.1 is out of maintenance and many UCS components have vastly changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen this issue. In this case please provide detailed information on how this issue is affecting you.