--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2005-154272 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154272 2005-06-24 --------------------------------------------------------------------- Name : gdk-pixbuf Versions : rh73: gdk-pixbuf-0.22.0-7.73.3.legacy Versions : rh9: gdk-pixbuf-0.22.0-7.90.3.legacy Versions : fc1: gdk-pixbuf-0.22.0-11.3.4.1.legacy Summary : An image loading library used with GNOME. Description : The gdk-pixbuf package contains an image loading library used with the GNOME desktop environment. The GdkPixBuf library provides image loading facilities, the rendering of a GdkPixBuf into various formats (drawables or GdkRGB buffers), and a cache interface. --------------------------------------------------------------------- Update Information: Updated gdk-pixbuf packages that fix a double free vulnerability are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. A bug was found in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack on applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue. Users of gdk-pixbuf are advised to upgrade to these packages, which contain a backported patch and are not vulnerable to this issue. --------------------------------------------------------------------- Changelogs rh73: * Wed May 11 2005 Pekka Savola <pekkas@xxxxxxxxxx> 1:0.22.0-7.73.3.legacy - Add BMP loader double free crash from RHEL3 (CAN-2005-0891), #154272 rh9: * Wed May 11 2005 Pekka Savola <pekkas@xxxxxxxxxx> 1:0.22.0-7.90.3.legacy - Add BMP loader double free crash from RHEL3 (CAN-2005-0891), #154272 fc1: * Wed May 11 2005 Pekka Savola <pekkas@xxxxxxxxxx> 1:0.22.0-11.3.4.1.legacy - Add BMP loader double free crash from RHEL3 (CAN-2005-0891), #154272 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh73: 603ade3d2671dc2486de4e88e5753c390cfbe25c redhat/7.3/updates-testing/i386/gdk-pixbuf-0.22.0-7.73.3.legacy.i386.rpm 9af2cd78533f6aa3edf18e418f22972e96dd68b8 redhat/7.3/updates-testing/i386/gdk-pixbuf-devel-0.22.0-7.73.3.legacy.i386.rpm c23e9bfe47fa3e23d05da3d336f151f15f260467 redhat/7.3/updates-testing/i386/gdk-pixbuf-gnome-0.22.0-7.73.3.legacy.i386.rpm 9b4c5298bcaff267cb7ffa0bbfe90e64f6f2d925 redhat/7.3/updates-testing/SRPMS/gdk-pixbuf-0.22.0-7.73.3.legacy.src.rpm rh9: 34c176e0ff80d5cf680edd35aac08541a13cd4e6 redhat/9/updates-testing/i386/gdk-pixbuf-0.22.0-7.90.3.legacy.i386.rpm 8dcb027f064d3a378f44354fbc8fbfdf54402113 redhat/9/updates-testing/i386/gdk-pixbuf-devel-0.22.0-7.90.3.legacy.i386.rpm 53d96ae1336f7d4a442f239db2afc24ac91e27d5 redhat/9/updates-testing/i386/gdk-pixbuf-gnome-0.22.0-7.90.3.legacy.i386.rpm 9fb12eae733ceca5606814fe6d46b9d2c2c63bd5 redhat/9/updates-testing/SRPMS/gdk-pixbuf-0.22.0-7.90.3.legacy.src.rpm fc1: 26ad2e60b327e7f5d4d0a5056be6cd42b0bff150 fedora/1/updates-testing/i386/gdk-pixbuf-0.22.0-11.3.4.1.legacy.i386.rpm 66885c30f770531c0dc53cc3715aa56633780613 fedora/1/updates-testing/i386/gdk-pixbuf-devel-0.22.0-11.3.4.1.legacy.i386.rpm f70ac09e0a5d768da740c37f1d5115589c6515e4 fedora/1/updates-testing/i386/gdk-pixbuf-gnome-0.22.0-11.3.4.1.legacy.i386.rpm 2f70a1f23a819f242d916529e7b531d494ef45eb fedora/1/updates-testing/SRPMS/gdk-pixbuf-0.22.0-11.3.4.1.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
