Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

GDK-PixBuf: Denial of service — GLSA 202012-15

A vulnerability in GDK-PixBuf library could lead to a Denial of Service condition.

Affected packages

Package x11-libs/gdk-pixbuf on all architectures
Affected versions < 2.42.2
Unaffected versions >= 2.42.2

Background

GDK-PixBuf is an image loading library for GTK+.

Description

It was discovered that the GDK-PixBuf library did not properly handle certain GIF images.

Impact

A remote attacker could entice a user to open a specially crafted GIF image in an application linked against GDK-PixBuf library, possibly resulting in a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All GDK-PixBuf library users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=x11-libs/gdk-pixbuf-2.42.2"

References

Release date
December 23, 2020

Latest revision
December 23, 2020: 1

Severity
low

Exploitable
local, remote

Bugzilla entries