Metric | Value |
---|---|
CVSS2 score | 6.8 Medium |
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |
CVSS2 vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
EPSS | 0.013 Low |
EPSS percentile | 85.8% |

gdk-pixbuf was updated to version 2.31.6 to fix a security vulnerability and several bugs.

- Update to version 2.31.6 (boo#942801) :
  + Really fix bgo#752297. This is CVE-2015-4491.
  + Updated translations.
- Update to version 2.31.5 :
  + Add support for g_autoptr for all object types (bgo#750497).
  + Avoid a possible divide-by-zero in the pixbuf loader (bgo#750440).
  + Remove gettext .pot file hack (bgo#743574).
  + Be more careful about integer overflow (bgo#752297).
  + Updated translations.
- Drop README from docs as it is now empty.
- Add generic www.gnome.org URL to silence a few lint warnings.
- Update to version 2.31.4 :
  + SVGZ icons in notification GNOME3 (bgo#648815).
  + gdk_pixbuf_apply_embedded_orientation is not working (bgo#725582).
  + Updated translations.
- Update to version 2.31.3 :
  + API changes: Revert an annotation change that broke bindings.
  + Build fixes :
    - Clean up configure
    - Fix Visual Studio build
    - Define MAP_ANONYMOUS when needed
    - Include gi18n-lib.h where needed
  + Updated translations.
- Update to version 2.31.2 :
  + API changes :
    - Deprecate GdkPixdata.
    - Add gdk_pixbuf_get_options() helper to list set options.
    - Annotations fixes for various functions.
    - Remove incorrect info about area-prepared signal.
  + Image format support changes :
    - Flag multi-page TIFF files.
    - Fix memory usage for GIF animations, add note about minimum frame length.
    - Return an error for truncated PNG files.
    - Add density (DPI) support for JPEG, PNG and TIFF.
    - Fix reading CMYK JPEG files generated by Photoshop.
    - Allow saving 1-bit mono TIFF files as used in faxes.
    - Simplify loader names.
    - Fix loading GIF files when the first write is short.
    - Add progressive loading to ICNS files.
    - Add support for 256x256 ICO files.
    - Fix reading MS AMCap2 BMP files.
  + Other :
    - Honour requested depth in Xlib.
    - Special-case compositing/copying with no scaling.
    - Add relocation support to OSX and Linux.
    - Prefer gdk-pixbuf’s loaders to the GDI+ ones on Windows.
- fix bashism in post script

```nasl
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2015-570.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(85839);
  script_version("2.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
  script_cve_id("CVE-2015-4491");
  script_name(english:"openSUSE Security Update : gdk-pixbuf (openSUSE-2015-570)");
  script_summary(english:"Check for the openSUSE-2015-570 patch");
  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"gdk-pixbuf was updated to version 2.31.6 to fix a security
vulnerability and several bugs.
- Update to version 2.31.6 (boo#942801) :
+ Really fix bgo#752297. This is CVE-2015-4491.
+ Updated translations.
- Update to version 2.31.5 :
+ Add support for g_autoptr for all object types
(bgo#750497).
+ Avoid a possible divide-by-zero in the pixbuf loader
(bgo#750440).
+ Remove gettext .pot file hack (bgo#743574).
+ Be more careful about integer overflow (bgo#752297).
+ Updated translations.
- Drop README from docs as it is now empty.
- Add generic www.gnome.org URL to silence a few lint
warnings.
- Update to version 2.31.4 :
+ SVGZ icons in notification GNOME3 (bgo#648815).
+ gdk_pixbuf_apply_embedded_orientation is not working
(bgo#725582).
+ Updated translations.
- Update to version 2.31.3 :
+ API changes: Revert an annotation change that broke
bindings.
+ Build fixes :
- Clean up configure
- Fix Visual Studio build
- Define MAP_ANONYMOUS when needed
- Include gi18n-lib.h where needed
+ Updated translations.
- Update to version 2.31.2 :
+ API changes :
- Deprecate GdkPixdata.
- Add gdk_pixbuf_get_options() helper to list set options.
- Annotations fixes for various functions.
- Remove incorrect info about area-prepared signal.
+ Image format support changes :
- Flag multi-page TIFF files.
- Fix memory usage for GIF animations, add note about
minimum frame length.
- Return an error for truncated PNG files.
- Add density (DPI) support for JPEG, PNG and TIFF.
- Fix reading CMYK JPEG files generated by Photoshop.
- Allow saving 1-bit mono TIFF files as used in faxes.
- Simplify loader names.
- Fix loading GIF files when the first write is short.
- Add progressive loading to ICNS files.
- Add support for 256x256 ICO files.
- Fix reading MS AMCap2 BMP files.
+ Other :
- Honour requested depth in Xlib.
- Special-case compositing/copying with no scaling.
- Add relocation support to OSX and Linux.
- Prefer gdk-pixbuf's loaders to the GDI+ ones on Windows.
- fix bashism in post script"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=942801"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected gdk-pixbuf packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-lang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgdk_pixbuf-2_0-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgdk_pixbuf-2_0-0-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgdk_pixbuf-2_0-0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libgdk_pixbuf-2_0-0-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-GdkPixbuf-2_0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/08/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/08");
  script_end_attributes();
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-debugsource-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-devel-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-devel-debuginfo-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-lang-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-query-loaders-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"gdk-pixbuf-query-loaders-debuginfo-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libgdk_pixbuf-2_0-0-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"libgdk_pixbuf-2_0-0-debuginfo-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", reference:"typelib-1_0-GdkPixbuf-2_0-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"gdk-pixbuf-devel-32bit-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"gdk-pixbuf-devel-debuginfo-32bit-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"gdk-pixbuf-query-loaders-32bit-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"gdk-pixbuf-query-loaders-debuginfo-32bit-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libgdk_pixbuf-2_0-0-32bit-2.31.6-3.1") ) flag++;
if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libgdk_pixbuf-2_0-0-debuginfo-32bit-2.31.6-3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gdk-pixbuf-debugsource / gdk-pixbuf-devel / gdk-pixbuf-devel-32bit / etc");
}
```

Vendor | Product | Version | CPE |
---|---|---|---|
novell | opensuse | gdk-pixbuf-debugsource | p-cpe:/a:novell:opensuse:gdk-pixbuf-debugsource |
novell | opensuse | gdk-pixbuf-devel | p-cpe:/a:novell:opensuse:gdk-pixbuf-devel |
novell | opensuse | gdk-pixbuf-devel-32bit | p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-32bit |
novell | opensuse | gdk-pixbuf-devel-debuginfo | p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-debuginfo |
novell | opensuse | gdk-pixbuf-devel-debuginfo-32bit | p-cpe:/a:novell:opensuse:gdk-pixbuf-devel-debuginfo-32bit |
novell | opensuse | gdk-pixbuf-lang | p-cpe:/a:novell:opensuse:gdk-pixbuf-lang |
novell | opensuse | gdk-pixbuf-query-loaders | p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders |
novell | opensuse | gdk-pixbuf-query-loaders-32bit | p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-32bit |
novell | opensuse | gdk-pixbuf-query-loaders-debuginfo | p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-debuginfo |
novell | opensuse | gdk-pixbuf-query-loaders-debuginfo-32bit | p-cpe:/a:novell:opensuse:gdk-pixbuf-query-loaders-debuginfo-32bit |