Bug 3097 - CVE-2011-2485: gdk-pixbuf
Summary: CVE-2011-2485: gdk-pixbuf
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 1
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard:
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2011-10-18 18:15 CEST by Nicolas Vigier
Modified: 2011-10-19 21:50 CEST

See Also:
Source RPM: gdk-pixbuf2.0
CVE:
Status comment:


Description Nicolas Vigier 2011-10-18 18:15:33 CEST
It was found that the gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load()
routine did not properly handle certain return values from its subroutines.
A remote attacker could provide a specially-crafted GIF image, which, once
opened in an application linked against gdk-pixbuf, would lead gdk-pixbuf
to return a partially initialized pixbuf structure, possibly having huge
width and height, leading to termination of that particular application due
to excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.

http://git.gnome.org/browse/gdk-pixbuf/commit/gdk-pixbuf/io-gif.c?id=f8569bb1
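
A simplified C model of the flaw class the description names (a caller that drops a subroutine's error return and hands back a half-built image), next to a hardened caller. This is an added illustration, not gdk-pixbuf code and not taken from the linked commit; `image_t`, `read_dims`, `load_unchecked`, `load_checked` and `MAX_DIM` are hypothetical names, and the 0xFF fill stands in for stale heap contents.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, NOT gdk-pixbuf code: every name here is hypothetical. */
typedef struct { uint32_t width, height; uint8_t *pixels; } image_t;

#define MAX_DIM 16384u   /* assumed policy limit for this example */

/* Subroutine: reads two little-endian 16-bit dimensions at offset 6, as in
 * a GIF logical screen descriptor. Returns 0 on success, -1 on error.
 * On error it may already have written img->width. */
static int read_dims(const uint8_t *buf, size_t len, image_t *img) {
    if (len < 8) return -1;
    img->width = (uint32_t)(buf[6] | (buf[7] << 8));
    if (len < 10) return -1;              /* truncated: height never set */
    img->height = (uint32_t)(buf[8] | (buf[9] << 8));
    return 0;
}

/* Flawed caller: ignores the return value, so a truncated file yields a
 * structure whose height is whatever the allocation happened to contain. */
image_t *load_unchecked(const uint8_t *buf, size_t len) {
    image_t *img = malloc(sizeof *img);
    if (!img) return NULL;
    memset(img, 0xFF, sizeof *img);       /* stands in for stale heap data */
    read_dims(buf, len, img);             /* return value dropped */
    return img;                           /* partially initialized */
}

/* Hardened caller: zero-init, check the result, bound the size, then allocate. */
image_t *load_checked(const uint8_t *buf, size_t len) {
    image_t *img = calloc(1, sizeof *img);
    if (!img) return NULL;
    if (read_dims(buf, len, img) != 0 ||
        img->width == 0 || img->height == 0 ||
        img->width > MAX_DIM || img->height > MAX_DIM) {
        free(img);
        return NULL;                      /* caller never sees a half-built image */
    }
    img->pixels = calloc((size_t)img->width * img->height, 4);
    if (!img->pixels) { free(img); return NULL; }
    return img;
}
```

An application that sizes its buffers from the unchecked result would request memory for a 2 x 4294967295 image on the truncated input; the checked loader returns NULL instead.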

Comment 1 Manuel Hiebel 2011-10-18 22:10:28 CEST
As there is no maintainer, I add the four more committers of this package

CC: (none) => cjw, dmorganec, fundawang, jani.valimaa

Comment 2 Funda Wang 2011-10-19 03:38:55 CEST
Uploaded, please test.

Status: NEW => ASSIGNED

Comment 3 Dave Hodgins 2011-10-19 05:24:12 CEST
Any sample image files to demonstrate the problem?

CC: (none) => davidwhodgins

Nicolas Vigier 2011-10-19 11:42:14 CEST

Assignee: bugsquad => qa-bugs

Comment 4 claire robinson 2011-10-19 13:02:54 CEST
I can't find any on the web anywhere so we should test for regressions. 

It was reported against pidgin apparently so we should ensure gif images, smilies I guess, still work OK in pidgin.

It looks like it's used by most applications.

Tested x86_64 with eog & gimp opening various image formats all normal.

Pidgin appears normal.

Comment 5 claire robinson 2011-10-19 13:16:02 CEST
Tested the same way on i586, all appears OK.

Update validated

Advisory
----------------
It was found that the gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load()
routine did not properly handle certain return values from its subroutines.
A remote attacker could provide a specially-crafted GIF image, which, once
opened in an application linked against gdk-pixbuf, would lead gdk-pixbuf
to return a partially initialized pixbuf structure, possibly having huge
width and height, leading to termination of that particular application due
to excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.
------------------

SRPM: gdk-pixbuf2.0-2.22.1-3.1.mga1.src.rpm

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2011-10-19 21:50:04 CEST
Update pushed.

Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED