[UCI-Linux] [SECURITY] Fedora Core 2 Update: gdk-pixbuf-0.22.0-12.fc2

Mike Iglesias IGLESIAS at uci.edu
Wed Mar 30 11:00:21 PST 2005

From: Matthias Clasen <mclasen at redhat.com>
To: fedora-announce-list at redhat.com
Date: Wed, 30 Mar 2005 13:50:45 -0500
Subject: [SECURITY] Fedora Core 2 Update: gdk-pixbuf-0.22.0-12.fc2

Fedora Update Notification

Product     : Fedora Core 2
Name        : gdk-pixbuf
Version     : 0.22.0                      
Release     : 12.fc2                  
Summary     : An image loading library used with GNOME.
Description :
The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment. The GdkPixBuf library provides image
loading facilities, the rendering of a GdkPixBuf into various formats
(drawables or GdkRGB buffers), and a cache interface.

Update Information:

David Costanzo found a bug in the way gdk-pixbuf processes BMP images.
It is possible that a specially crafted BMP image could cause a denial
of service attack in applications linked against gdk-pixbuf. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0891 to this issue.

* Mon Mar 28 2005 Matthias Clasen <mclasen at redhat.com> - 1:0.22.0-12.fc2

- Fix a double free in the bmp loader

This update can be downloaded from:

a0ba48a2695141af2d4a0f7ff3218062  SRPMS/gdk-pixbuf-0.22.0-12.fc2.src.rpm
c1dc4fe31433159afb6bcfdd98dd84a2  x86_64/gdk-
c561473d5921958c2aa7aed692671933  x86_64/gdk-pixbuf-
eb0fae059933dd9613048b4dfaa73d6f  x86_64/gdk-pixbuf-
886d8069570a4202bfbcb6304203fd5a  x86_64/debug/gdk-pixbuf-
f56442e8a45c71b7004373b94acf5a9f  i386/gdk-pixbuf-0.22.0-12.fc2.i386.rpm
0b16b3e1d3223b91728211fa311e8d72  i386/gdk-pixbuf-
19ea2d840949337df59ccbe8e3303648  i386/gdk-pixbuf-
a64d219947db70a88a5a29f1fba24227  i386/debug/gdk-pixbuf-

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list