| Summary: | <media-gfx/gthumb-3.10.2: DoS via malformed JPEG (CVE-2020-36427) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://download.gnome.org/sources/gthumb/3.10/gthumb-3.10.0.news | ||
| Whiteboard: | B3 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
John Helmert III
2020-09-21 00:50:46 UTC
x86 done amd64 done all arches done Please cleanup, thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dce71c653b6213576fc0ac27963b8d052c8d0d47 commit dce71c653b6213576fc0ac27963b8d052c8d0d47 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2021-02-28 13:08:12 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2021-02-28 13:08:12 +0000 media-gfx/gthumb: security cleanup Bug: https://bugs.gentoo.org/743865 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Mart Raudsepp <leio@gentoo.org> media-gfx/gthumb/Manifest | 1 - media-gfx/gthumb/gthumb-3.10.0.ebuild | 89 ----------------------------------- 2 files changed, 90 deletions(-) > * Jpeg loader: fixed crash in case of some malformed jpegs. (Joerg
> Fellmann)
Requested a CVE for this, seems like the only one that's really security relevant. The others would require the user to do it to themselves.
Package list is empty or all packages have requested keywords. (In reply to John Helmert III from comment #5) > > * Jpeg loader: fixed crash in case of some malformed jpegs. (Joerg > > Fellmann) > > Requested a CVE for this, seems like the only one that's really security > relevant. The others would require the user to do it to themselves. And since this is so low impact, no GLSA. All done! |