RHEL 2.1 / 3 : gdk-pixbuf (RHSA-2004:103)
Medium Nessus Plugin ID 12476
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionUpdated gdk-pixbuf packages that fix a crash are now available.
The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment.
Thomas Kristensen discovered a bitmap file that would cause versions of gdk-pixbuf prior to 0.20 to crash. To exploit this flaw, an attacker would need to get a victim to open a carefully-crafted BMP file in an application that used gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0111 to this issue.
Users are advised to upgrade to these updated packages containing gdk-pixbuf version 0.22, which is not vulnerable to this issue.
SolutionUpdate the affected gdk-pixbuf, gdk-pixbuf-devel and / or gdk-pixbuf-gnome packages.