
Slackware: 2017-270-02 Critical: Gtkhtml Buffer Overflow Threat

September 28, 2017
Updated gegl packages for Slackware fix integer overflows in the PPM image loader that could cause an application crash or possibly allow arbitrary code execution.
New gegl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gegl-0.2.0-i586-4_slack14.2.txz: Rebuilt. Patched integer overflows in operations/external/ppm-load.c that could allow a denial of service (application crash) or possibly the execution of arbitrary code via a large width or height value in a ppm image. For more information, see: https://www.cve.org/CVERecord?id=CVE-2012-4433 (* Security fix *)
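
The bug class named in the ChangeLog entry, shown as an added example that is not gegl's code or the Slackware patch: a pixel-buffer size computed from PPM header fields wraps in 32-bit arithmetic unless each multiplication is bounded first. The function names and the 1 GiB cap are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PPM_CHANNELS  3u                   /* R, G, B */
#define PPM_MAX_BYTES ((size_t)1 << 30)    /* assumed policy cap: 1 GiB */

/* Unchecked pattern: the product wraps modulo 2^32, so a later allocation
 * can be far smaller than the pixel data the header promises. */
uint32_t ppm_size_unchecked(long width, long height, int bytes_per_sample)
{
    return (uint32_t)width * (uint32_t)height
           * PPM_CHANNELS * (uint32_t)bytes_per_sample;
}

/* Checked pattern: validate every header field, then bound each
 * multiplication before performing it. Returns 0 and stores the byte
 * count in *out on success, -1 if the dimensions are invalid or too big. */
int ppm_size_checked(long width, long height, int bytes_per_sample,
                     size_t limit, size_t *out)
{
    if (width <= 0 || height <= 0)
        return -1;
    if (bytes_per_sample != 1 && bytes_per_sample != 2)
        return -1;

    size_t pixel = PPM_CHANNELS * (size_t)bytes_per_sample;
    if ((unsigned long)width > limit / pixel)
        return -1;                          /* one row would exceed limit */
    size_t row = (size_t)width * pixel;
    if ((unsigned long)height > limit / row)
        return -1;                          /* whole image would exceed limit */

    *out = row * (size_t)height;
    return 0;
}

int main(void)
{
    /* Constructed header values: 65536 x 65536, one byte per sample. */
    size_t n = 0;
    printf("unchecked: %u bytes\n", (unsigned)ppm_size_unchecked(65536, 65536, 1));
    printf("checked:   %s\n",
           ppm_size_checked(65536, 65536, 1, PPM_MAX_BYTES, &n) ? "rejected" : "accepted");
    return 0;
}
```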

Where to Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gegl-0.2.0-i486-2_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gegl-0.2.0-x86_64-2_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gegl-0.2.0-i486-3_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gegl-0.2.0-x86_64-3_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gegl-0.2.0-i586-4_slack14.2.txz
Updated package for Slackware x86_64 14.2...


MD5 Signatures


Severity
critical


Installation Instructions

Upgrade the package as root:
# upgradepkg gegl-0.2.0-i586-4_slack14.2.txz
