UbuntuUpdates.org

Package "gthumb"

Name: gthumb

Description:

image viewer and browser

Latest version: 3:3.8.0-2.1ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: https://wiki.gnome.org/Apps/Gthumb

Links


Download "gthumb"


Other versions of "gthumb" in Focal

Repository Area Version
base universe 3:3.8.0-2.1build1
security universe 3:3.8.0-2.1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3:3.8.0-2.1ubuntu0.1 2022-10-14 03:06:21 UTC

  gthumb (3:3.8.0-2.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2019-20326-*.patch: Do not scan
      more than CAIRO_MAX_IMAGE_SIZE lines. (LP: #1976189)
    - CVE-2019-20326
  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2020-36427-*.patch: Fixed crash in
      case of some malformed jpegs. (LP: #1976189)
    - CVE-2020-36427

 -- Fabian Toepfer <email address hidden> Sun, 29 May 2022 12:31:15 -0400

1976189 [CVE-2019-20326] gthumb crashes when trying to load an image with a height above 32767 px (heap-based buffer overflow)
CVE-2019-20326 A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.
CVE-2020-36427 GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image.



About   -   Send Feedback to @ubuntu_updates