gdk-pixbuf2-2.42.6-3.el9
エラータID: AXSA:2023-5591:01
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter.
Security Fix(es):
* gdk-pixbuf: heap-buffer overflow when decoding the lzw compressed stream of image data (CVE-2021-44648)
* gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files (CVE-2021-46829)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
CVE-2021-46829
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
Update packages.
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.
N/A
SRPMS
- gdk-pixbuf2-2.42.6-3.el9.src.rpm
MD5: e6be16c0b12b3bad953c81729b3e3d43
SHA-256: 7ca3f51a4ea79161dd91ff4864e762a94a2e46dee76e8344a12bd70b61bad113
Size: 7.37 MB
Asianux Server 9 for x86_64
- gdk-pixbuf2-2.42.6-3.el9.i686.rpm
MD5: 45a9239ada41fd811c5e167d9acc7ab5
SHA-256: 595cf6d0da2d0f5784844785e26fd31f79a7c0428aa889a0f1cdb881749d7a2b
Size: 474.23 kB - gdk-pixbuf2-2.42.6-3.el9.x86_64.rpm
MD5: ca3c8e115eaa057a3b1793c27b684e18
SHA-256: 538910ddde3137245f490a62a33f03e46461772f581ca501f67ec3604e00ffa3
Size: 466.34 kB - gdk-pixbuf2-devel-2.42.6-3.el9.i686.rpm
MD5: 97eb504aa079dd5119df0fdc409a96c9
SHA-256: 3326046b0a3f00f4714ec7e92c49733eb9768ccd6feb23258c2aa90d0f458c5f
Size: 63.79 kB - gdk-pixbuf2-devel-2.42.6-3.el9.x86_64.rpm
MD5: 2a72d2e4de2bac1102a0cf350223f6b7
SHA-256: d933b8a0a4dfcea98c1dc27cfc610e58c4f5799d75a1a0cbd7c32a340c5b18ec
Size: 63.52 kB - gdk-pixbuf2-modules-2.42.6-3.el9.i686.rpm
MD5: a5d4934eaf012249a3781bbf603e96d6
SHA-256: b8a3934d0942318e34e8d1c5172b549ed05827edcff572e251ff5cde6d50f9a3
Size: 88.66 kB - gdk-pixbuf2-modules-2.42.6-3.el9.x86_64.rpm
MD5: 7bec70904b85c67cbf1d6567d2ef9fab
SHA-256: 272704a8efd14b319f819a9b4d4194927642749c9b07c1cb41b96491244d4529
Size: 84.16 kB