gegl04-0.4.4-6.el8.2
エラータID: AXSA:2022-2998:01
Release date:
Thursday, January 20, 2022 - 13:05
Subject:
gegl04-0.4.4-6.el8.2
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
GEGL (Generic Graphics Library) is a graph-based image processing framework.
Security Fix(es):
* gegl: shell expansion via a crafted pathname (CVE-2021-45463)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2021-45463
GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell
expansion when a pathname in a constructed command line is not escaped or
filtered. This is caused by use of the system library function for execution of
the ImageMagick convert fallback in magick-load.
Solution:
Update packages.
CVEs:
CVE-2021-45463
GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load.
GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load.
Additional Info:
N/A
Download:
SRPMS
- gegl04-0.4.4-6.el8.2.src.rpm
MD5: d63fe36f1f4829330a5c3367598c637a
SHA-256: 36eb7da8bf08814ceae3d2ebe1c3c90f01752f70f8e981312403fdc5af0fb53f
Size: 6.51 MB
Asianux Server 8 for x86_64
- gegl04-0.4.4-6.el8.2.x86_64.rpm
MD5: c87afee25eeeae299c940735118d01d2
SHA-256: d008c541331bc14a0dc8797be4537bb64b5ffe7bd056675797a0504d2b1fcb22
Size: 1.51 MB - gegl04-devel-0.4.4-6.el8.2.x86_64.rpm
MD5: e242408fdbcaa4528fcb71687b55aa9b
SHA-256: 4086c05e6e129c7f9106a827179b253c0cfc60261fa89a724549c3c18f467726
Size: 113.79 kB - gegl04-0.4.4-6.el8.2.i686.rpm
MD5: 5c51275860ab2fd0011e1690f65fd87f
SHA-256: 519526361a9c7dc34eb034403216e6edd17378149b3ae5b10cc69ec9017f2e22
Size: 1.54 MB - gegl04-devel-0.4.4-6.el8.2.i686.rpm
MD5: 487d163655ec57d12960240a5e96e127
SHA-256: c9c25c205abad7ac6f70dfb8daa7e0039ac3bf18893e1e17da60bf679c14181d
Size: 113.82 kB
日本語