lp:ubuntu/hoary-security/gdk-pixbuf
- Get this branch:
- bzr branch lp:ubuntu/hoary-security/gdk-pixbuf
Recent revisions
- 4. By Martin Pitt
* SECURITY UPDATE: Arbitrary code execution and DoS.
* Fix integer overflow in XPM loader:
- gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Check n_col for integer
overflow before allocating memory.
- XPMs with specially crafted number of colors can lead to buffer overflow
and arbitrary code execution.
- CVE-2005-3186
* Fix another integer overflow in XPM loader:
- gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Use gdk_pixbuf_new()
instead of low-level allocation since the latter did not check for
integer overflows (width * height * number of colors).
- CVE-2005-2976
* Fix endless loop in XPM loader:
- gdk-pixbuf/io-xpm.c, file_buffer(): Avoid endless loop with specially
crafted number of colors.
- CVE-2005-2975
- 3. By Martin Pitt
* SECURITY UPDATE: Fix Denial of Service with malformed images.
* gdk-pixbuf/io-bmp.c, grow_buffer(): Fix double free() leading
to a crash with malicious BMP images.
* References:
CAN-2005-0891
- 2. By Sebastien Bacher
Sync with Debian to fix the "undefined symbol" problem with g_try_malloc
(Warty: #2094).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/gdk-pixbuf