gegl-0.1.2-4.AXS4

エラータID: AXSA:2012-1027:01

Release date: 
Thursday, December 13, 2012 - 15:41
Subject: 
gegl-0.1.2-4.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

EGL (Generic Graphics Library) is a graph based image processing framework. GEGLs original design was made to scratch GIMPs itches for a new compositing and processing core. This core is being designed to have minimal dependencies. and a simple well defined API.

Security issues fixed with this release:

• CVE-2012-4433
Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.

Solution: 

Update packages.

CVEs: 
CVE-2012-4433
Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.


Additional Info: 

N/A

Download: 

SRPMS
  1. gegl-0.1.2-4.AXS4.src.rpm
    MD5: 57bbe7b22cb663bb6c4687b08948ef25
    SHA-256: 79088ab3aa48738b67a15bdac9498b3979e459ae0e3cadaf29f1105756645f23
    Size: 3.00 MB

Asianux Server 4 for x86
  1. gegl-0.1.2-4.AXS4.i686.rpm
    MD5: bd3b549663fb54bfb3c33c117324dfd7
    SHA-256: 2f8a5bcfb4ab1e54020568be4810f63bd8eed28cba2f8d8526025d1c87f8ff56
    Size: 399.55 kB

Asianux Server 4 for x86_64
  1. gegl-0.1.2-4.AXS4.x86_64.rpm
    MD5: ccdbb64026103f9c9ca3e38a4d4b8b43
    SHA-256: fe46205bb0da26b3529a4193ecc38665c7f2186b4f96112fc59135b9ffcba955
    Size: 412.39 kB