You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa gdk pixbuf

Sigurnosni nedostatak programskog paketa gdk pixbuf

by Dona Šeruga - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4663-1
December 08, 2020

gdk-pixbuf vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.10
– Ubuntu 20.04 LTS

Summary:

GDK-PixBuf could be made to hang if it opened a specially crafted file.

Software Description:
– gdk-pixbuf: GDK Pixbuf library

Details:

Melvin Kool discovered that the GDK-PixBuf library did not properly handle
certain GIF images. If an user or automated system were tricked into
opening a specially crafted GIF file, a remote attacker could use this flaw
to cause GDK-PixBuf to hang, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
libgdk-pixbuf2.0-0 2.40.0+dfsg-5ubuntu0.1

Ubuntu 20.04 LTS:
libgdk-pixbuf2.0-0 2.40.0+dfsg-3ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
https://usn.ubuntu.com/4663-1
CVE-2020-29385

Package Information:
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.40.0+dfsg-5ubuntu0.1
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.40.0+dfsg-3ubuntu0.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl/PuAsACgkQZWnYVadE
vpOpDg/+KqT88h2b+MQKJPz8pVUvWEfzJKfXuORGCQQYWxFQMIYZsb5sipEQQyr9
qPwgxqdCRtDQ3AQ7gmXzO452OJR97v3nl/fLf86cc9seQptohFP8qa/SQyKG3r9w
XyTeopjPOwkbbKdREj8fIGCEwGksiCcR5pmXkelAg7RXGRplxVapq6yDuuTiOLyd
9NdAKHO7vCK7e86FXrLIwak02DJR57cEFGojhxEOWLw95SLgSrl23SHbNu30gmaU
uX1aykj7hEehg2XnR+VhuKJJzOHZuInk0lV4Rt8nCxHuy9ylrmGwo8feFq0J8DMi
6XQvU1U1cv2/wm51DJp1M6Ig5WMNrlwkyfC+CKTD9JQ8JGu7fcqozVIpZIh0SONJ
Q2yRuJ17iAERIx9Gwg/HMqWvVoDp/Pc2Z/SjiIvjv4ax6Ps3uHGUTkV/mVcui+5+
O3dZz7AHxdJdkVkR/6SD9ZEklkZ5pYIf6nmL6E6WSnmfLlaB7PiO8Dirnhx6KJAX
WRRe097MFX6R7UvXk1nkih+Mnag9oByO3VzN8ZRQilgngt4d/DbrirJKAYXSGXo7
cnMNp+Tqi/B2ZiClvRhckBEzuNzbW1cdnmEjq1camAupoy7BtQ7DQ8r+i949AlSh
+JX2s5n0YKw2ed6cvg6fUbKxTG+3/mZqtMQC0TUxOuOWM/+0JrA=
=IOpu
—–END PGP SIGNATURE—–

AutorDona Šeruga
Cert idNCERT-REF-2020-12-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Dona Šeruga
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa aptdaemon

Otkriveni su sigurnosni nedostaci u programskom paketu aptdaemon za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...

Close