Bug#856445: gdk-pixbuf: CVE-2017-6313: Integer underflow in io-icns.c
Salvatore Bonaccorso
carnil at debian.org
Wed Mar 1 06:03:30 UTC 2017
Source: gdk-pixbuf
Version: 2.31.1-2
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for gdk-pixbuf. There is no
patch upstream yet, and from a quick skim over io-icns.c the soure is
there.
CVE-2017-6313[0]:
An dangerous integer underflow in io-icns.c
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-6313
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6313
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the pkg-gnome-maintainers
mailing list