]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aec0292) | patch
gdk-pixbuf: fix CVE-2025-7345
authorArchana Polampalli <archana.polampalli@windriver.com>
Mon, 14 Jul 2025 09:25:11 +0000 (14:55 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 14 Jul 2025 16:56:24 +0000 (09:56 -0700)
commitbb80f57bc3818937d5a207040bfd44021dee4e6e
tree2e3f8f416322f9af3fd38b8b2cee2de4e616998etree | snapshot
parentaec02926ecaeb792ca987e540820c9da5fbdc49acommit | diff
gdk-pixbuf: fix CVE-2025-7345

A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function
(io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing
maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding,
allowing out-of-bounds reads from heap memory, potentially causing application crashes or
arbitrary code execution.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-7345.patch [new file with mode: 0644] blob
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core