UbuntuUpdates.org

Package "libgdk-pixbuf2.0-common"

Name: libgdk-pixbuf2.0-common

Description:

GDK Pixbuf library - data files

Latest version: 2.42.10+dfsg-3ubuntu3.1
Release: noble (24.04)
Level: security
Repository: main
Head package: gdk-pixbuf
Homepage: https://www.gtk.org/

Links


Download "libgdk-pixbuf2.0-common"


Other versions of "libgdk-pixbuf2.0-common" in Noble

Repository Area Version
base main 2.42.10+dfsg-3ubuntu3
updates main 2.42.10+dfsg-3ubuntu3.1

Changelog

Version: 2.42.10+dfsg-3ubuntu3.1 2024-06-05 14:07:11 UTC

  gdk-pixbuf (2.42.10+dfsg-3ubuntu3.1) noble-security; urgency=medium

  * SECURITY UPDATE: heap memory corruption
    - debian/patches/CVE-2022-48622-*.patch: adds checks for invalid ani files
      to gdk-pixbuf/io-ani.c.
    - tests/tests-images/fail/CVE-2022-48622.ani: test file.
    - debian/source/include-binaries: including binary test file.
    - CVE-2022-48622

 -- Ian Constantin <email address hidden> Mon, 03 Jun 2024 19:36:10 +0300

CVE-2022-48622 In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk i



About   -   Send Feedback to @ubuntu_updates