gtk2-2.10.4-29.0.1.AXS3

GTK+ is a multi-platform toolkit for creating graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites.

Security issues fixed with this release:

• CVE-2012-2370
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

Fixed bugs:

• Fixed the GtkNotebook widget's handling of drag-and-drop operations on tabs: applications using the widget do no crash with a segmentation fault any longer.