An integer overflow in gdk-pixbuf2.0 was fixed upstream in 2.24.1-r1. Mageia 2 has 2.26.1 which is not affected. Patched package for Mageia 1 uploaded. Advisory: ======================== Updated gdk-pixbuf2.0 packages fix security vulnerability: An integer overflow flaw was found in the way X BitMap (XBM) image file format loader of gdk-pixbuf, an image loading library used with GNOME, used to read bitmap file data for certain images. A remote attacker could provide a specially-crafted XBM image file, which once loaded in an application linked against gdk-pixbuf, would lead to that application termination (GLib error and application abort) (CVE-2012-2370). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2370 https://bugzilla.redhat.com/show_bug.cgi?id=822468 ======================== Updated packages in core/updates_testing: ======================== gdk-pixbuf2.0-2.22.1-3.2.mga1 libgdk_pixbuf2.0_0-2.22.1-3.2.mga1 libgdk_pixbuf2.0-devel-2.22.1-3.2.mga1 from gdk-pixbuf2.0-2.22.1-3.2.mga1.src.rpm
Testing complete on Mageia 1 i586. Testing using the attachment (id=210585) from https://bugzilla.gnome.org/show_bug.cgi?id=672811 Before the update ... $ eog . GLib-ERROR **: gmem.c:170: failed to allocate 4294967291 bytes aborting... Aborted After the update, eog starts and displays a message that it could not load the image test.xbm
CC: (none) => davidwhodginsWhiteboard: (none) => mga1-32-OK
tested the same way as in comment #1 on Mageia 1 x86_64 Update validated. see comment #0 for advisory and SRPM.
Keywords: (none) => validated_updateCC: (none) => stormi, sysadmin-bugsWhiteboard: mga1-32-OK => MGA1-32-OK MGA1-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0149
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED