UbuntuUpdates.org

Package "libgdk-pixbuf2.0-common"

Name: libgdk-pixbuf2.0-common

Description:

GDK Pixbuf library - data files

Latest version: 2.42.8+dfsg-1ubuntu0.3
Release: jammy (22.04)
Level: security
Repository: main
Head package: gdk-pixbuf
Homepage: https://www.gtk.org/

Links


Download "libgdk-pixbuf2.0-common"


Other versions of "libgdk-pixbuf2.0-common" in Jammy

Repository Area Version
base main 2.42.8+dfsg-1
updates main 2.42.8+dfsg-1ubuntu0.3

Changelog

Version: 2.42.8+dfsg-1ubuntu0.3 2024-06-05 14:07:06 UTC

  gdk-pixbuf (2.42.8+dfsg-1ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: heap memory corruption
    - debian/patches/CVE-2022-48622-*.patch: adds checks for invalid ani files
      to gdk-pixbuf/io-ani.c.
    - tests/tests-images/fail/CVE-2022-48622.ani: test file.
    - debian/source/include-binaries: including binary test file.
    - CVE-2022-48622

 -- Ian Constantin <email address hidden> Mon, 03 Jun 2024 19:40:54 +0300

Source diff to previous version
CVE-2022-48622 In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk i

Version: 2.42.8+dfsg-1ubuntu0.1 2022-09-13 17:07:12 UTC

  gdk-pixbuf (2.42.8+dfsg-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap-Buffer-Overflow
    - debian/patches/CVE-2021-44648-1.patch: Add an assertion that checks for maximum LZW code size
      in gdk-pixbuf/lzw.c.
    - debian/patches/CVE-2021-44648-2.patch: Fix the check for maximum value
      of LZW initial code size in gdk-pixbuf/io-gif.c.
    - debian/patches/CVE-2021-44648-3.patch: Add tests for GIF files with
      invalid LZW code size in tests/tests-images/fail/* and
      tests/tests-images/gif-test-suite/*.
    - debian/source/include-binaries: add tests binaries to the package
    - CVE-2021-44648

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 07 Sep 2022 11:14:12 -0300

CVE-2021-44648 GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with



About   -   Send Feedback to @ubuntu_updates