Bug#1109262: CVE-2025-7345: gdk-pixbuf: heap buffer overflow in JPEGs with chunked ICC data
Carlos Henrique Lima Melara
charles at debian.org
Fri Sep 26 16:43:20 BST 2025
Hi,
On Fri, Sep 26, 2025 at 10:00:35AM +0100, Simon McVittie wrote:
> On Thu, 25 Sep 2025 at 23:46:46 -0300, Carlos Henrique Lima Melara wrote:
> > From what I've read, the reporter couldn't reproduce the bug and asked
> > for it to be closed, the fix was unblocked and got into trixie and
> > enough time has passed now, right? Do you still think we should hold off
> > here for (now) oldstable and LTS?
>
> I think this is at a point where someone could look into it for bookworm and
> LTS (and the change has also made it into a stable release upstream).
>
> I'm not intending to work on this for the older releases myself - if you can
> pick this up, that would be appreciated.
Ack, I'll pick it up.
> > Did you get any other regression reports in trixie, testing or unstable?
>
> Not that I've seen.
Ack, thanks!
Cheers,
Charles
More information about the pkg-gnome-maintainers
mailing list