Security update for imlib2
This imlib2 update to version 1.4.9 fixes the following issues:
Security issues fixed:
- CVE-2011-5326: divide by 0 when drawing an ellipse of height 1 (boo#974202)
- CVE-2014-9762: segmentation fault on images without colormap (boo#963796)
- CVE-2014-9764: segmentation fault when opening specifically crafted input (boo#963797)
- CVE-2014-9763: division-by-zero crashes when opening images (boo#963800)
- CVE-2014-9771: exploitable integer overflow in _imlib_SaveImage (boo#974854)
- CVE-2016-3994: imlib2/evas Potential DOS in giflib loader (boo#973759)
- CVE-2016-3993: off by 1 Potential DOS (boo#973761)
- CVE-2016-4024: integer overflow resulting in insufficient heap allocation (boo#975703)
-
Submitted by
Simon Lees (simotek)
Fixed bugs
bnc#974854
VUL-0: CVE-2014-9771: imlib2: exploitable integer overflow in _imlib_SaveImage
bnc#973759
VUL-1: CVE-2016-3994: imlib2: imlib2/evas Potential DOS in giflib loader
bnc#973761
VUL-1: CVE-2016-3993: imlib2: off by 1 Potential DOS
bnc#963796
VUL-1: CVE-2014-9762: imlib2: Segmentation fault on images without colormap
bnc#963797
VUL-1: CVE-2014-9764: imlib2: segmentation fault when opening specifically crafted input
bnc#974202
VUL-1: CVE-2011-5326: imlib2: divide by 0 when drawing an ellipse of height 1
bnc#975703
VUL-0: CVE-2016-4024: imlib2: integer overflow resulting in insufficient heap allocation
bnc#963800
VUL-1: CVE-2014-9763: imlib2: Division-by-zero crashes when opening images
