gdk-pixbuf: Multiple vulnerabilities (CVE-2017-6311, CVE-2017-6312, CVE-2017-6313, CVE-2017-6314)
CVE-2017-6311: NULL dereference on gdk-pixbuf thumbnailer
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=778204
http://seclists.org/oss-sec/2017/q1/466
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
CVE-2017-6312: Out-of-bounds read in io-ico.c
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=779012
http://seclists.org/oss-sec/2017/q1/466
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
CVE-2017-6313: Integer underflow in io-icns.c
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=779016
http://seclists.org/oss-sec/2017/q1/466
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
CVE-2017-6314: Infinite loop in io-tiff.c
References:
https://bugzilla.gnome.org/show\_bug.cgi?id=779020
http://seclists.org/oss-sec/2017/q1/466
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html
(from redmine: issue id 6953, created on 2017-03-03, closed on 2017-06-29)
- Relations:
- child #6954 (closed)
- child #6955 (closed)
- child #6956 (closed)
- child #6957 (closed)
- child #6958 (closed)