Slackware Local Security Checks : Slackware: Security Advisory (SSA:2016-203-01)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.13.2016.203.01

Kategorie: Slackware Local Security Checks

Titel: Slackware: Security Advisory (SSA:2016-203-01)

Zusammenfassung: The remote host is missing an update for the 'gimp' package(s) announced via the SSA:2016-203-01 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'gimp' package(s) announced via the SSA:2016-203-01 advisory.

Vulnerability Insight:
New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gimp-2.8.18-i586-1_slack14.2.txz: Upgraded.
This release fixes a security issue:
Use-after-free vulnerability in the xcf_load_image function in
app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of
service (program crash) or possibly execute arbitrary code via a crafted
XCF file.
For more information, see:
[link moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'gimp' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-4994
1036226
http://www.securitytracker.com/id/1036226
91425
http://www.securityfocus.com/bid/91425
DSA-3612
http://www.debian.org/security/2016/dsa-3612
RHSA-2016:2589
http://rhn.redhat.com/errata/RHSA-2016-2589.html
SSA:2016-203-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987
USN-3025-1
http://www.ubuntu.com/usn/USN-3025-1
https://bugzilla.gnome.org/show_bug.cgi?id=767873
https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f
openSUSE-SU-2016:1727
http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.13.2016.203.01
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2016-203-01)
Zusammenfassung:	The remote host is missing an update for the 'gimp' package(s) announced via the SSA:2016-203-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gimp' package(s) announced via the SSA:2016-203-01 advisory. Vulnerability Insight: New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/gimp-2.8.18-i586-1_slack14.2.txz: Upgraded. This release fixes a security issue: Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'gimp' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4994 1036226 http://www.securitytracker.com/id/1036226 91425 http://www.securityfocus.com/bid/91425 DSA-3612 http://www.debian.org/security/2016/dsa-3612 RHSA-2016:2589 http://rhn.redhat.com/errata/RHSA-2016-2589.html SSA:2016-203-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987 USN-3025-1 http://www.ubuntu.com/usn/USN-3025-1 https://bugzilla.gnome.org/show_bug.cgi?id=767873 https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f openSUSE-SU-2016:1727 http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html
Copyright	Copyright (C) 2022 Greenbone AG