The gtk2 package contains the GIMP ToolKit (GTK+), a library for creating
graphical user interfaces for the X Window System.
A bug was found in the way gtk2 processes XPM images. An attacker could
create a carefully crafted XPM file in such a way that it could cause an
application linked with gtk2 to execute arbitrary code when the file was
opened by a victim. The Common Vulnerabilities and Exposures project has
assigned the name CVE-2005-3186 to this issue.
Ludwig Nussel discovered an infinite-loop denial of service bug in the way
gtk2 processes XPM images. An attacker could create a carefully crafted XPM
file in such a way that it could cause an application linked with gtk2 to
stop responding when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name CVE-2005-2975
to this issue.
Users of gtk2 are advised to upgrade to these updated packages, which
contain backported patches and are not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | gtk2-devel | < 2.4.13-18 | gtk2-devel-2.4.13-18.s390x.rpm |
RedHat | any | ia64 | gtk2-devel | < 2.4.13-18 | gtk2-devel-2.4.13-18.ia64.rpm |
RedHat | any | src | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.src.rpm |
RedHat | any | x86_64 | gtk2-devel | < 2.4.13-18 | gtk2-devel-2.4.13-18.x86_64.rpm |
RedHat | any | ppc | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.ppc.rpm |
RedHat | any | s390x | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.s390x.rpm |
RedHat | any | ppc | gtk2-devel | < 2.4.13-18 | gtk2-devel-2.4.13-18.ppc.rpm |
RedHat | any | i386 | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.i386.rpm |
RedHat | any | ppc64 | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.ppc64.rpm |
RedHat | any | s390 | gtk2 | < 2.4.13-18 | gtk2-2.4.13-18.s390.rpm |