An issue has been found in gthumb, an image viewer and browser. A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c allows attackers to .

Debian LTS Advisory DLA-2749-1

MGASA-2020-0056 - Updated gthumb packages fix security vulnerability

Publication date: 28 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0056.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-20326

A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in gThumb and Pix allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file (CVE-2019-20326).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26084
- https://lists.debian.org/debian-lts-announce/2020/01/msg00009.html
- https://www.cve.org/CVERecord?id=CVE-2019-20326

SRPMS:
- 7/core/gthumb-3.7.2-2.1.mga7

LinuxSecurity.com Team

Package : gthumb
Version : 3:3.3.1-2.1+deb8u2
CVE ID : CVE-2019-20326

A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in gThumb and Pix allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.

For Debian 8 "Jessie", this problem has been fixed in version 3:3.3.1-2.1+deb8u2.

We recommend that you upgrade your gthumb packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

MGASA-2019-0039 - Updated gthumb packages fix security vulnerability

Publication date: 17 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0039.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-18718

An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer. (CVE-2018-18718)

References:
- https://bugs.mageia.org/show_bug.cgi?id=24183
- https://www.cve.org/CVERecord?id=CVE-2018-18718

SRPMS:
- 6/core/gthumb-3.4.5-2.1.mga6

LinuxSecurity.com Team

openSUSE Security Update: Security update for gthumb
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:0022-1
Rating: important
References: #1113749
Cross-References: CVE-2018-18718
Affected Products:
  openSUSE Leap 42.3
  openSUSE Leap 15.0
  openSUSE Backports SLE-15
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for gthumb fixes the following issues:

Security issue fixed:

- CVE-2018-18718: Fixed a double-free in add_themes_from_dir function from dlg-contact-sheet.c (boo#1113749)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-22=1
- openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-22=1
- openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-22=1

Package List:

- openSUSE Leap 42.3 (noarch):
  gthumb-lang-3.4.2-7.3.1
- openSUSE Leap 42.3 (x86_64):
  gthumb-3.4.2-7.3.1
  gthumb-debuginfo-3.4.2-7.3.1
  gthumb-debugsource-3.4.2-7.3.1
  gthumb-devel-3.4.2-7.3.1
- openSUSE Leap 15.0 (x86_64):
  gthumb-3.6.1-lp150.3.3.1
  gthumb-debuginfo-3.6.1-lp150.3.3.1
  gthumb-debugsource-3.6.1-lp150.3.3.1
  gthumb-devel-3.6.1-lp150.3.3.1
- openSUSE Leap 15.0 (noarch):
  gthumb-lang-3.6.1-lp150.3.3.1
- openSUSE Backports SLE-15 (x86_64):
  gthumb-3.6.1-bp150.2.3.1
  gthumb-devel-3.6.1-bp150.2.3.1
- openSUSE Backports SLE-15 (noarch):
  gthumb-lang-3.6.1-bp150.2.3.1

References:

https://www.suse.com/security/cve/CVE-2018-18718.html
https://bugzilla.suse.com/1113749

Severity: Important. LinuxSecurity.com Team

Package : gthumb
Version : 3:3.3.1-2.1+deb8u1
CVE ID : CVE-2018-18718
Debian Bug : #912290

CVE-2018-18718 - CWE-415: Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

There is a suspected double-free bug with static void add_themes_from_dir() dlg-contact-sheet.c. This method involves two successive calls of g_free(buffer) (line 354 and 373), and is likely to cause double-free of the buffer. One possible fix could be directly assigning the buffer to NULL after the first call of g_free(buffer). Thanks Tianjun Wu

For Debian 8 "Jessie", this problem has been fixed in version 3:3.3.1-2.1+deb8u1

We recommend that you upgrade your gthumb packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical. LinuxSecurity.com Team

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-183
2006-04-04
---------------------------------------------------------------------

Product : Fedora Core 5
Name    : gthumb
Version : 2.7.5.1
Release : 1.fc5.1
Summary : Image viewer, editor, organizer

Description :
gthumb is an application for viewing, editing, and organizing collections of images.

---------------------------------------------------------------------
Update Information:

* Only display user visible drives in the location box.
* Fixed bug #329889 - thumbnail generation and accentuated characters in path.
* Fixed little bug in crop dialog.
* Fixed bug that prevented comments to be removed correctly when iptc_data support was enabled.
* Fixed command line catalog creation.
* Fixed photo importing and fixed bug that prevented importing photos when an instance of gthumb was already running.

---------------------------------------------------------------------
* Fri Mar 24 2006 Matthias Clasen - 2.7.5.1-1
- Update to 2.7.5.1

* Mon Mar 20 2006 Matthias Clasen - 2.7.5-1
- Update to 2.7.5

---------------------------------------------------------------------
This update can be downloaded from:

fe5bf622116562b05ef47288e9bc57923315819d SRPMS/gthumb-2.7.5.1-1.fc5.1.src.rpm
4f1f27bb52737b6352d2c2529a5e7eb2141f36c9 ppc/gthumb-2.7.5.1-1.fc5.1.ppc.rpm
5766ff0e3bbeccac54e9f5b32aed5841c4a8a391 ppc/debug/gthumb-debuginfo-2.7.5.1-1.fc5.1.ppc.rpm
4907b2791566e1759b47e93f504198d252c40617 x86_64/gthumb-2.7.5.1-1.fc5.1.x86_64.rpm
f18775d01bb1b0591741285e8770044c75088419 x86_64/debug/gthumb-debuginfo-2.7.5.1-1.fc5.1.x86_64.rpm
92bb99e45ac8f3b798ec47e4e3908bf21611b670 i386/gthumb-2.7.5.1-1.fc5.1.i386.rpm
75d724027972e332c97f9a49d1d2be10576b1f36 i386/debug/gthumb-debuginfo-2.7.5.1-1.fc5.1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .
---------------------------------------------------------------------