Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[SECURITY] [DLA 434-1] gtk+2.0 security update

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

Package : gtk+2.0

Version : 2.20.1-2+deb6u2

CVE ID : CVE-2015-4491 CVE-2015-7673 CVE-2015-7674

 

Gustavo Grieco discovered different security issues in Gtk+2.0's

gdk-pixbuf.

 

CVE-2015-4491

 

Heap overflow when processing BMP images which may allow to execute

of arbitrary code via malformed images.

 

CVE-2015-7673

 

Heap overflow when processing TGA images which may allow execute

arbitrary code or denial of service (process crash) via malformed

images.

 

CVE-2015-7674

 

Integer overflow when processing GIF images which may allow to

execute arbitrary code or denial of service (process crash) via

malformed image.

 

For Debian 6 "Squeeze", these issues have been fixed in gtk+2.0 version

2.20.1-2+deb6u2. We recommend you to upgrade your gtk+2.0 packages.

 

Learn more about the Debian Long Term Support (LTS) Project and how to

apply these updates at: https://wiki.debian.org/LTS/

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×