Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 33 gdk-pixbuf2: FEDORA-2021-2e59756cbe Moderate DoS Fix

fedora
Calendar Grey February 22, 2021
Dist Fedora Esm H88
The libpng update in Ubuntu 20.10 resolves vulnerabilities including buffer overflows and memory leaks, improving system security.
gdk-pixbuf2 2.42.2 release, fixing CVE-2021-20240 and CVE-2020-29385

Summary

gdk-pixbuf is an image loading library that can be extended by loadable

modules for new image formats. It is used by toolkits such as GTK+ or

clutter.

gdk-pixbuf2 2.42.2 release, fixing CVE-2021-20240 and CVE-2020-29385. This

update also includes new gdk-pixbuf2-xlib package that was split out from gdk-pixbuf2 to its own source rpm. The gdk-pixbuf2-xlib and gdk-pixbuf2-xlib-devel

binary package names are identical to what they were before the split.

* Fri Feb 19 2021 Kalev Lember - 2.42.2-2

- Avoid using deprecated meson options

- Fix gtk-doc directory ownership

* Fri Feb 19 2021 Kalev Lember - 2.42.2-1

- Update to 2.42.2

- Split out gdk-pixbuf2-xlib to separate source package

- Update upstream URLs

* Tue Jan 26 2021 Fedora Release Engineering - 2.40.0-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[ 1 ] Bug #1926787 - CVE-2021-20240 gdk-pixbuf: integer wraparound in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault

https://bugzilla.redhat.com/show_bug.cgi?id=1926787

[ 2 ] Bug #1927237 - CVE-2020-29385 gdk-pixbuf: DoS in lzw.c

https://bugzilla.redhat.com/show_bug.cgi?id=1927237

su -c 'dnf upgrade --advisory FEDORA-2021-2e59756cbe' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory moderate fedora update Fedora DoS dos image library gdk-pixbuf2

Change Log

References

Update Instructions

Product: Fedora 33
Version: 2.42.2
Release: 2.fc33
URL:
Summary: An image loading library

Topics%20covered

Topics Covered

security advisory moderate fedora update Fedora DoS dos image library gdk-pixbuf2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here