CentOS ProjectCESA-2005:343gdk security update
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.018 Low
EPSS
Percentile
88.2%
CentOS Errata and Security Advisory CESA-2005:343
The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.
A bug was found in the way gdk-pixbuf processes BMP images. It is possible
that a specially crafted BMP image could cause a denial of service attack
on applications linked against gdk-pixbuf. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to
this issue.
Users of gdk-pixbuf are advised to upgrade to these packages, which contain
a backported patch and is not vulnerable to this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-April/073695.html
https://lists.centos.org/pipermail/centos-announce/2005-April/073696.html
https://lists.centos.org/pipermail/centos-announce/2005-April/073699.html
https://lists.centos.org/pipermail/centos-announce/2005-April/073701.html
https://lists.centos.org/pipermail/centos-announce/2005-April/073703.html
https://lists.centos.org/pipermail/centos-announce/2005-April/073706.html
Affected packages:
gdk-pixbuf
gdk-pixbuf-devel
gdk-pixbuf-gnome
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:343
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 3 | i386 | gdk-pixbuf | < 0.22.0-12.el3 | gdk-pixbuf-0.22.0-12.el3.i386.rpm |
| CentOS | 3 | i386 | gdk-pixbuf-devel | < 0.22.0-12.el3 | gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm |
| CentOS | 3 | i386 | gdk-pixbuf-gnome | < 0.22.0-12.el3 | gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm |
| CentOS | 3 | i386 | gdk-pixbuf | < 0.22.0-12.el3 | gdk-pixbuf-0.22.0-12.el3.i386.rpm |
| CentOS | 3 | x86_64 | gdk-pixbuf | < 0.22.0-12.el3 | gdk-pixbuf-0.22.0-12.el3.x86_64.rpm |
| CentOS | 3 | x86_64 | gdk-pixbuf-devel | < 0.22.0-12.el3 | gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm |
| CentOS | 3 | x86_64 | gdk-pixbuf-gnome | < 0.22.0-12.el3 | gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm |
| CentOS | 3 | ia64 | gdk-pixbuf | < 0.22.0-12.el3 | gdk-pixbuf-0.22.0-12.el3.ia64.rpm |
| CentOS | 3 | ia64 | gdk-pixbuf-devel | < 0.22.0-12.el3 | gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm |
| CentOS | 3 | ia64 | gdk-pixbuf-gnome | < 0.22.0-12.el3 | gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm |
References
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.018 Low
EPSS
Percentile
88.2%