Description
JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability
(CVE-2017-2862).
tiff_image_parse Code Execution Vulnerability (CVE-2017-2870).
Ariel Zelivansky discovered that the GDK-PixBuf library did not properly
handle printing certain error messages. If an user or automated system were
tricked into opening a specially crafted image file, a remote attacker
could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of
service (CVE-2017-6311).
Out-of-bounds read on io-ico.c (CVE-2017-6312).
A dangerous integer underflow in io-icns.c (CVE-2017-6313).
Infinite loop in io-tiff.c (CVE-2017-6314).
Note, the CVE-2017-2862, CVE-2017-2870, and CVE-2017-6311 issues only
affected Mageia 5.