You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa imlib2

Sigurnosni nedostaci programskog paketa imlib2

——————————————————————————–
Fedora Update Notification
FEDORA-2016-b4212484d5
2016-05-23 19:57:05.958827
——————————————————————————–

Name : imlib2
Product : Fedora 22
Version : 1.4.9
Release : 1.fc22
URL : http://docs.enlightenment.org/api/imlib2/html/
Summary : Image loading, saving, rendering, and manipulation library
Description :
Imlib 2 is a library that does image file loading and saving as well
as rendering, manipulation, arbitrary polygon support, etc. It does
ALL of these operations FAST. Imlib2 also tries to be highly
intelligent about doing them, so writing naive programs can be done
easily, without sacrificing speed. This is a complete rewrite over
the Imlib 1.x series. The architecture is more modular, simple, and
flexible.

——————————————————————————–
Update Information:

A new upstream update fixing several vulnerabilities. See the bug list for more
information. —- Rebase to the new upstream bugfix-only version. Add security
fixes for the referenced bugs.
——————————————————————————–
References:

[ 1 ] Bug #1323616 – CVE-2016-3993 imlib2: off by one error in MergeUpdate
https://bugzilla.redhat.com/show_bug.cgi?id=1323616
[ 2 ] Bug #1327477 – CVE-2016-4024 imlib2: integer overflow resulting in insufficient heap allocation
https://bugzilla.redhat.com/show_bug.cgi?id=1327477
[ 3 ] Bug #1323060 – CVE-2016-3994 imlib2: out of bound read in GIF loader
https://bugzilla.redhat.com/show_bug.cgi?id=1323060
[ 4 ] Bug #1323080 – CVE-2011-5326 imlib2: divide by zero on 2×1 ellipse
https://bugzilla.redhat.com/show_bug.cgi?id=1323080
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update imlib2’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-ff070e8faa
2016-05-23 20:01:26.262815
——————————————————————————–

Name : imlib2
Product : Fedora 23
Version : 1.4.9
Release : 1.fc23
URL : http://docs.enlightenment.org/api/imlib2/html/
Summary : Image loading, saving, rendering, and manipulation library
Description :
Imlib 2 is a library that does image file loading and saving as well
as rendering, manipulation, arbitrary polygon support, etc. It does
ALL of these operations FAST. Imlib2 also tries to be highly
intelligent about doing them, so writing naive programs can be done
easily, without sacrificing speed. This is a complete rewrite over
the Imlib 1.x series. The architecture is more modular, simple, and
flexible.

——————————————————————————–
Update Information:

A new upstream update fixing several vulnerabilities. See the bug list for more
information.
——————————————————————————–
References:

[ 1 ] Bug #1323616 – CVE-2016-3993 imlib2: off by one error in MergeUpdate
https://bugzilla.redhat.com/show_bug.cgi?id=1323616
[ 2 ] Bug #1327477 – CVE-2016-4024 imlib2: integer overflow resulting in insufficient heap allocation
https://bugzilla.redhat.com/show_bug.cgi?id=1327477
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update imlib2’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa rpm

Otkriveni su sigurnosni nedostaci u programskom paketu rpm za Fedoru 22. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje aplikacije i čitanje...

Close