Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7673 Gustavo Grieco discovered a heap overflow in the processing of TGA images which may result in the execution of arbitrary code or denial of service (process crash) if a malformed image is opened. CVE-2015-7674 Gustavo Grieco discovered an integer overflow flaw in the processing of GIF images which may result in the execution of arbitrary code or denial of service (process crash) if a malformed image is opened. For the oldstable distribution (wheezy), these problems have been fixed in version 2.26.1-1+deb7u2. For the stable distribution (jessie), these problems have been fixed in version 2.31.1-2+deb8u3. For the testing distribution (stretch), these problems have been fixed in version 2.32.1-1 or earlier. For the unstable distribution (sid), these problems have been fixed in version 2.32.1-1 or earlier. We recommend that you upgrade your gdk-pixbuf packages.
Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. The Common Vulnerabilities and Exposures project identifies the following problems:
Gustavo Grieco discovered a heap overflow in the processing of TGA images which may result in the execution of arbitrary code or denial of service (process crash) if a malformed image is opened.
Gustavo Grieco discovered an integer overflow flaw in the processing of GIF images which may result in the execution of arbitrary code or denial of service (process crash) if a malformed image is opened.
For the oldstable distribution (wheezy), these problems have been fixed in version 2.26.1-1+deb7u2.
For the stable distribution (jessie), these problems have been fixed in version 2.31.1-2+deb8u3.
For the testing distribution (stretch), these problems have been fixed in version 2.32.1-1 or earlier.
For the unstable distribution (sid), these problems have been fixed in version 2.32.1-1 or earlier.
We recommend that you upgrade your gdk-pixbuf packages.