]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a819357) | patch
gdk-pixbuf: fix CVE-2025-7345
authorArchana Polampalli <archana.polampalli@windriver.com>
Mon, 14 Jul 2025 10:21:44 +0000 (15:51 +0530)
committerSteve Sakoman <steve@sakoman.com>
Wed, 16 Jul 2025 15:10:32 +0000 (08:10 -0700)
commit78a52a7feb995b4ab4f4df6b16feaac60f6ad59b
treef3438342f6f3e5b3e528cc634447628489ed7af5tree | snapshot
parenta8193571c8cdba55f568d831a4546e0fed892be0commit | diff
gdk-pixbuf: fix CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function
(io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing
maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding,
allowing out-of-bounds reads from heap memory, potentially causing application crashes or
arbitrary code execution.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch [new file with mode: 0644] blob
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib