
Fedora 38 FreeImage Critical Fix: Addressing Buffer Overflows

October 7, 2023
Fedora 38 rolls out essential enhancements for libpng tackling multiple security vulnerabilities. Ensure your system remains protected with these updates.
Downstream fixes for CVE-2021-40266 CVE-2020-24292 CVE-2020-24293 CVE-2020-24295 CVE-2021-40263

Summary

FreeImage is a library for developers who would like to support popular graphics image formats like PNG, BMP, JPEG, TIFF and others as needed by today's multimedia applications.

Update Information:

Downstream fixes for CVE-2021-40266 CVE-2020-24292 CVE-2020-24293 CVE-2020-24295 CVE-2021-40263

Change Log

* Thu Sep 28 2023 Sandro Mani - 3.19.0-0.20.svn1909 - Downstream fixes for CVE-2021-40266 CVE-2020-24292 CVE-2020-24293 CVE-2020-24295 CVE-2021-40263

References


[ 1 ] Bug #2235420 - CVE-2020-24292 mingw-freeimage: freeimage: buffer overflow in load() in PluginICO.cpp [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2235420
[ 2 ] Bug #2235422 - CVE-2020-24292 freeimage: buffer overflow in load() in PluginICO.cpp [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2235422
[ 3 ] Bug #2235425 - CVE-2020-24293 freeimage: buffer overflow in psdThumbnail::Read() in PSDParser.cpp [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2235425
[ 4 ] Bug #2235426 - CVE-2020-24293 mingw-freeimage: freeimage: buffer overflow in psdThumbnail::Read() in PSDParser.cpp [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2235426
[ 5 ] Bug #2235434 - CVE-2020-24295 freeimage: buffer overflow in ReadImageLine() in PSDParser.cpp [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2235434
[ 6 ] Bug #2235435 - CVE-2020-24295 mingw-freeimage: freeimage: buffer overflow in ReadIm...


Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-604a7d56b0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
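
To confirm the update took effect, the installed package's RPM changelog can be checked for the five CVE ids this advisory lists. The script below is an added example, not part of the advisory; the function names are hypothetical, and a changelog mention reflects the packager's stated fixes rather than a test of the patched code.

```shell
#!/bin/sh
# CVE ids taken from this advisory's "Update Information" section.
ADVISORY_CVES="CVE-2021-40266 CVE-2020-24292 CVE-2020-24293 CVE-2020-24295 CVE-2021-40263"

# missing_cves (hypothetical helper): reads RPM changelog text on stdin and
# prints, one per line, each advisory CVE the changelog does not mention.
missing_cves() {
    changelog=$(cat)
    for cve in $ADVISORY_CVES; do
        # -w avoids matching a longer id that merely starts with this one.
        printf '%s\n' "$changelog" | grep -qwF -- "$cve" || printf '%s\n' "$cve"
    done
}

# check_package (hypothetical helper): inspects the installed package's
# changelog via rpm. Returns 1 if any advisory CVE is not listed.
check_package() {
    pkg=$1
    if ! rpm -q "$pkg" >/dev/null 2>&1; then
        echo "$pkg: not installed, nothing to check"
        return 0
    fi
    missing=$(rpm -q --changelog "$pkg" | missing_cves)
    if [ -z "$missing" ]; then
        echo "$pkg: changelog lists all advisory CVEs ($(rpm -q "$pkg"))"
    else
        # Unquoted on purpose: joins the one-per-line list with spaces.
        echo "$pkg: changelog does not mention:" $missing
        return 1
    fi
}

# When run with package names as arguments, check each one,
# e.g.: sh check-freeimage.sh freeimage
if [ "$#" -gt 0 ]; then
    rc=0
    for p in "$@"; do
        check_package "$p" || rc=1
    done
    exit "$rc"
fi
```

A non-zero exit status means at least one named package is installed but its changelog lacks one of the listed CVE ids, which usually indicates the upgrade has not been applied yet.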

Severity
critical

Name: freeimage
Product: Fedora 38
Version: 3.19.0
Release: 0.20.svn1909.fc38
Summary: Multi-format image decoder library
