Report: https://bugzilla.gnome.org/show_bug.cgi?id=752297 Patch: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86e I think this affects gdk-pixbuf 2.31 and above. Not sure which version is on Mageia 5. Reproducible: Steps to Reproduce:
Mageia 5 has gdk-pixbuf2.0-2.31.2-2.mga5.src.rpm so probably affected.
Version: Cauldron => 5
CC: (none) => mageiaSource RPM: gdk-pixbuf => gdk-pixbuf2.0-2.31.2-2.mga5.src.rpm
Fixed in Mageia 5 SVN. CVE request: http://openwall.com/lists/oss-security/2015/07/17/17
CC: (none) => luigiwalser
CC: (none) => olav, thierry.vignaud
Apparently this is the CVE-2015-4491 issue that was fixed in Firefox 38.2: http://openwall.com/lists/oss-security/2015/08/13/2 Advisory: ======================== Updated gdk-pixbuf packages fix security vulnerability: Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash (CVE-2015-4491). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/ http://openwall.com/lists/oss-security/2015/08/13/2 ======================== Updated packages in core/updates_testing: ======================== gdk-pixbuf2.0-2.31.2-2.1.mga5 libgdk_pixbuf2.0_0-2.31.2-2.1.mga5 libgdk_pixbuf2.0-devel-2.31.2-2.1.mga5 libgdk_pixbuf-gir2.0-2.31.2-2.1.mga5 from gdk-pixbuf2.0-2.31.2-2.1.mga5.src.rpm
Assignee: bugsquad => qa-bugs
Testing Mageia 5 x64, using: firefox-38.2.0-1.mga5 (just updated) This update: lib64gdk_pixbuf2.0_0-2.31.2-2.1.mga5 lib64gdk_pixbuf-gir2.0-2.31.2-2.1.mga5 gdk-pixbuf2.0-2.31.2-2.1.mga5 Looked at flickr.com, just photographs. No problems. OK.
CC: (none) => lewyssmithWhiteboard: (none) => MGA5-64-OK
Keywords: (none) => validated_updateWhiteboard: MGA5-64-OK => MGA5-64-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0313.html
Status: NEW => RESOLVEDResolution: (none) => FIXED