UbuntuUpdates.org

Package "gthumb-data"

Name: gthumb-data

Description:

image viewer and browser - arch-independent files

Latest version: 3:3.8.0-2.1ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe
Head package: gthumb
Homepage: https://wiki.gnome.org/Apps/Gthumb

Links


Download "gthumb-data"


Other versions of "gthumb-data" in Focal

Repository Area Version
base universe 3:3.8.0-2.1build1
updates universe 3:3.8.0-2.1ubuntu0.1

Changelog

Version: 3:3.8.0-2.1ubuntu0.1 2022-10-14 02:07:14 UTC

  gthumb (3:3.8.0-2.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2019-20326-*.patch: Do not scan
      more than CAIRO_MAX_IMAGE_SIZE lines. (LP: #1976189)
    - CVE-2019-20326
  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2020-36427-*.patch: Fixed crash in
      case of some malformed jpegs. (LP: #1976189)
    - CVE-2020-36427

 -- Fabian Toepfer <email address hidden> Sun, 29 May 2022 12:31:15 -0400

1976189 [CVE-2019-20326] gthumb crashes when trying to load an image with a height above 32767 px (heap-based buffer overflow)
CVE-2019-20326 A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.
CVE-2020-36427 GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image.



About   -   Send Feedback to @ubuntu_updates