A CVE has been assigned for a security issue fixed last October in gdk-pixbuf2.0: http://openwall.com/lists/oss-security/2016/05/17/7 Patch added in Mageia 5 SVN. The Cauldron version already contains the fix.
Patched package uploaded for Mageia 5. To test, make sure Firefox can load images OK. Advisory: ======================== Updated gdk-pixbuf packages fix security vulnerability: The gdk-pixbuf2.0 library is vulnerable to overflows in the pixops_composite_nearest(), pixops_composite_color_nearest() and pixops_process() functions in pixops/pixops.c (CVE-2015-8875). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875 http://openwall.com/lists/oss-security/2016/05/17/7 ======================== Updated packages in core/updates_testing: ======================== gdk-pixbuf2.0-2.32.1-1.1.mga5 libgdk_pixbuf2.0_0-2.32.1-1.1.mga5 libgdk_pixbuf2.0-devel-2.32.1-1.1.mga5 libgdk_pixbuf-gir2.0-2.32.1-1.1.mga5 from gdk-pixbuf2.0-2.32.1-1.1.mga5.src.rpm
Assignee: bugsquad => qa-bugsWhiteboard: (none) => has_procedure
Searched for bunnies in Google Image Search in Firefox on Mageia 5 i586. Still cute.
Whiteboard: has_procedure => has_procedure MGA5-32-OK
Bunnies are still cute on Mageia 5 x86_64 also.
Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
In the light of David's OKs (but not understanding what bunnies are about), thanks for same. Validating, Advisory to follow.
Keywords: (none) => validated_updateCC: (none) => lewyssmith, sysadmin-bugs
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0192.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/688210/