Package "imlib2"
Name: |
imlib2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- image loading, rendering, saving library
- image loading, rendering, saving library (development files)
|
Latest version: |
1.4.6-2ubuntu0.1 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "imlib2" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
imlib2 (1.4.6-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service (divide-by-zero) via drawing
a 2x1 ellipse.
- debian/patches/debian/patches/04_CVE-2011-5326.patch: ensure
denominators are not zero.
- CVE-2011-5326
* SECURITY UPDATE: denial of service (segmentation fault) via a
GIF image without a colormap.
- debian/patches/debian/patches/CVE-2014-9762.patch: return error if
no colormap.
- CVE-2014-9762
* SECURITY UPDATE: denial of service (divide-by-zero) handling
PNM files.
- debian/patches/debian/patches/CVE-2014-9763.patch: ensure
denominators are not zero.
- CVE-2014-9763
* SECURITY UPDATE: denial of service (segmentation fault) handling
certain GIF images
- debian/patches/debian/patches/CVE-2014-9764.patch: check for NULL.
- CVE-2014-9764
* SECURITY UPDATE: integer overflow leading to denial of service
- debian/patches/debian/patches/05_CVE-2014-9771.patch: reduce
maximum allowed image dimensions.
- CVE-2014-9771
* SECURITY UPDATE: denial of service due to out-of-bounds read.
- debian/patches/debian/patches/06_CVE-2016-3993.patch: check
boundary condition before reading array element.
- CVE-2016-3993
* SECURITY UPDATE: out-of-bounds read handling GIFs leading to denial
of service or information disclosure.
- debian/patches/debian/patches/07_CVE-2016-3994.patch: ensure
colormap limits are honored.
- CVE-2016-3994
* SECURITY UPDATE: different integer overflow on 32 bit arches
leading to a denial of service
- debian/patches/debian/patches/08_CVE-2016-4024.patch: reduce
allowed dimensions even further.
- CVE-2016-4024
-- Steve Beattie <email address hidden> Thu, 01 Sep 2016 00:29:09 -0700
|
CVE-2011-5326 |
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse. |
CVE-2014-9762 |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap. |
CVE-2014-9763 |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file. |
CVE-2014-9764 |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file. |
CVE-2014-9771 |
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted |
CVE-2016-3993 |
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (ou |
CVE-2016-3994 |
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a |
CVE-2016-4024 |
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which |
|
About
-
Send Feedback to @ubuntu_updates