Security update for gdk-pixbuf
| Announcement ID: | SUSE-SU-2024:2077-2 |
|---|---|
| Rating: | important |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability and has two security fixes can now be installed.
Description:
This update for gdk-pixbuf fixes the following issues:
gdk-pixbuf was updated to version 2.42.12:
-
Security issues fixed:
-
CVE-2022-48622: Fixed heap memory corruption on gdk-pixbuf (bsc#1219276)
-
Changes in version 2.42.12:
-
ani: Reject files with multiple INA or IART chunks,
- ani: validate chunk size,
-
Updated translations.
-
Enable other image loaders such as xpm and xbm (bsc#1223903)
-
Changes in version 2.42.11:
-
Disable fringe loaders by default.
- Introspection fixes.
-
Updated translations.
-
Changes in version 2.42.10:
-
Search for rst2man.py.
- Update the memory size limit for JPEG images.
-
Updated translations.
-
Fixed loading of larger images
- Avoid Bash specific syntax in baselibs postscript (bsc#1195391)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2077=1
Package List:
-
SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
- gdk-pixbuf-debugsource-2.42.12-150400.5.9.1
- typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.9.1
- libgdk_pixbuf-2_0-0-2.42.12-150400.5.9.1
- gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.9.1
- gdk-pixbuf-query-loaders-2.42.12-150400.5.9.1
- libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.9.1