SUSE-SU-2017:2381-1

Description

Security update for gdk-pixbuf This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability (bsc#1048289) - CVE-2017-2870: tiff_image_parse Code Execution Vulnerability (bsc#1048544) - CVE-2017-6313: A dangerous integer underflow in io-icns.c (bsc#1027024) - CVE-2017-6314: Infinite loop in io-tiff.c (bsc#1027025) - CVE-2017-6312: Out-of-bounds read on io-ico.c (bsc#1027026)

Affected Systems

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Desktop 12 SP2

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Desktop 12 SP3

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Server 12 SP2

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Server 12 SP3

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

  < 2.34.0-19.5.1

• suse•gdk-pixbuf&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

  < 2.34.0-19.5.1

References (12)

• https://www.suse.com/support/update/announcement/2017/suse-su-20172381-1/
• https://bugzilla.suse.com/1027024
• https://bugzilla.suse.com/1027025
• https://bugzilla.suse.com/1027026
• https://bugzilla.suse.com/1048289
• https://bugzilla.suse.com/1048544
• https://bugzilla.suse.com/1049877
• https://www.suse.com/security/cve/CVE-2017-2862
• https://www.suse.com/security/cve/CVE-2017-2870
• https://www.suse.com/security/cve/CVE-2017-6312
• https://www.suse.com/security/cve/CVE-2017-6313
• https://www.suse.com/security/cve/CVE-2017-6314