DSA-3537-1

Source
https://storage.googleapis.com/debian-osv/dsa-osv/DSA-3537-1.json
Aliases
Published
2016-03-31T00:00:00Z
Modified
2022-08-10T07:08:17.545023Z
Details

Several vulnerabilities were discovered in imlib2, an image manipulation library.

  • CVE-2014-9762 A segmentation fault could occur when opening GIFs without a colormap.
  • CVE-2014-9763 Several divisions by zero, resulting in a program crash, could occur when handling PNM files.
  • CVE-2014-9764 A segmentation fault could occur when opening GIFs with feh.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 1.4.6-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 1.4.7-1.

We recommend that you upgrade your imlib2 packages.

References

Affected packages

Debian:7 / imlib2

imlib2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
1.4.5-1+deb7u1

Affected versions

1.*

1.4.5-1

Debian:8 / imlib2

imlib2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
1.4.6-2+deb8u1

Affected versions

1.*

1.4.6-2