gdk-pixbuf is an image loading and rendering library mostly used by GTK and GNOME applications. It is distributed as a separate package for gtk1 and integrated into the gtk2 package. Chris Evans has discovered a heap based, a stack based and an integer overflow in the XPM and ICO loaders of those libraries. The overflows can be exploited by tricking an application to display a malformed image to make it crash or to execute code.
There is no known workaround, please install the update packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.0 | x86_64 | gtk2 | < 2.2.3-54 | gtk2-2.2.3-54.x86_64.rpm |
openSUSE | 9.1 | i586 | gtk2 | < 2.2.4-125.4 | gtk2-2.2.4-125.4.i586.rpm |
openSUSE | 8.1 | i586 | gdk-pixbuf | < 0.18.0-609 | gdk-pixbuf-0.18.0-609.i586.rpm |
openSUSE | 8.2 | i586 | gdk-pixbuf | < 0.18.0-609 | gdk-pixbuf-0.18.0-609.i586.rpm |
openSUSE | 9.0 | x86_64 | gdk-pixbuf | < 0.18.0-610 | gdk-pixbuf-0.18.0-610.x86_64.rpm |
openSUSE | 9.0 | i586 | gtk2 | < 2.2.3-54 | gtk2-2.2.3-54.i586.rpm |
openSUSE | 9.1 | x86_64 | gtk2 | < 2.2.4-125.4 | gtk2-2.2.4-125.4.x86_64.rpm |
openSUSE | 9.1 | i586 | gdk-pixbuf | < 0.22.0-62.7 | gdk-pixbuf-0.22.0-62.7.i586.rpm |
openSUSE | 9.1 | x86_64 | gdk-pixbuf | < 0.22.0-62.7 | gdk-pixbuf-0.22.0-62.7.x86_64.rpm |
openSUSE | 9.0 | i586 | gdk-pixbuf | < 0.18.0-610 | gdk-pixbuf-0.18.0-610.i586.rpm |