Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.10.2-0ubuntu5.2", "binary_name": "eog" }, { "binary_version": "3.10.2-0ubuntu5.2", "binary_name": "eog-dbg" }, { "binary_version": "3.10.2-0ubuntu5.2", "binary_name": "eog-dbgsym" }, { "binary_version": "3.10.2-0ubuntu5.2", "binary_name": "eog-dev" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.18.2-1ubuntu2.1", "binary_name": "eog" }, { "binary_version": "3.18.2-1ubuntu2.1", "binary_name": "eog-dbg" }, { "binary_version": "3.18.2-1ubuntu2.1", "binary_name": "eog-dbgsym" }, { "binary_version": "3.18.2-1ubuntu2.1", "binary_name": "eog-dev" } ] }