Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 1 Oct 2015 12:25:28 -0300
From: Gustavo Grieco <>
Subject: Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1

2015-10-01 10:03 GMT-03:00 Gustavo Grieco <>:

> Hello,
> We found a heap overflow in the gdk-pixbuf implementation triggered by the
> scaling of gif file.These issues are only fixed in the recent release of
> gdk-pixbuf 2.32.1 but affects older versions (we tested it in a fully
> updated Ubuntu 14.04).

If someone needs more details, it was fixed in 2.32.1 with this commit:

> These issues were found using QuickFuzz.
> Regards,
> Gustavo.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ