]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 49ccf7b) | patch
gdk-pixbuf: fix CVE-2025-7345
authorArchana Polampalli <archana.polampalli@windriver.com>
Mon, 14 Jul 2025 12:18:49 +0000 (17:48 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 14 Jul 2025 16:14:38 +0000 (09:14 -0700)
commit1803f965e4990be3fbdcd52544f0080e9c83800d
tree11d83dc591370721bdc7d17ce116e5d8c527ebcctree | snapshot
parent49ccf7b56a0598f84dcac2532c462aa2c285f66ccommit | diff
gdk-pixbuf: fix CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function
(io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing
maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding,
allowing out-of-bounds reads from heap memory, potentially causing application crashes or
arbitrary code execution.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch [new file with mode: 0644] blob
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib