Explore top 10 tips to secure your open-source projects now. Read More
×
GDK-PixBuf could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- gdk-pixbuf: GDK Pixbuf library
Details:
It was discovered that the GDK-PixBuf library did not properly handle
certain jpeg images. If an user or automated system were tricked into
opening a specially crafted jpeg file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-2862)
It was discovered that the GDK-PixBuf library did not properly handle
certain tiff images. If an user or automated system were tricked into
opening a specially crafted tiff file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-2870)
Ariel Zelivansky discovered that the GDK-PixBuf library did not
properly handle printing certain error messages. If an user or
automate...
The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libgdk-pixbuf2.0-0 2.36.5-3ubuntu0.2 Ubuntu 16.04 LTS: libgdk-pixbuf2.0-0 2.32.2-1ubuntu1.3 Ubuntu 14.04 LTS: libgdk-pixbuf2.0-0 2.30.7-0ubuntu1.7 After a standard system update you need to restart your session to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3418-1
CVE-2017-2862, CVE-2017-2870, CVE-2017-6311
Get the latest Linux and open source security news straight to your inbox.