News

=========================================================== Ubuntu Security Notice USN-108-1 April 05, 2005 gtk+2.0, gdk-pixbuf vulnerabilities CAN-2005-0891 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: libgdk-pixbuf2 libgtk2.0-0 The problem can be corrected by upgrading the affected package to version 0.22.0-7ubuntu1.1 (libgdk-pixbuf2) and 2.4.10-1ubuntu1.1 (libgtk2.0-0). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Matthias Clasen discovered a Denial of Service vulnerability in the BMP image module of gdk. Processing a specially crafted BMP image with an application using gdk-pixbuf caused an allocated memory block to be free()'ed twice, leading to a crash of the application. However, it is believed that this cannot be exploited to execute arbitrary attacker provided code.