Upstream information
Description
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Novell/SUSE information
Novell Bugzilla entries: 763595, 768376, 769565 SUSE Security Advisories:- openSUSE-SU-2012:1080-1, published Mon, 3 Sep 2012 11:09:17 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SLE 11 SP1 DEBUGINFO |
| sle11-sp2-sdk.ppc sle11-sp1-sdk.x86 sled11-sp1.x86 sle11-sp2-sdk.s390x sle11-sp1-sdk.s390x sled11-sp2.x86-64 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sle11-sp2-sdk.x86-64 sled11-sp2.x86 sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sle11-sp2-sdk.ia64 sle11-sp2-sdk.x86 SAT Patch Nr: 6542 |
| SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Software Development Kit 11 SP2 |
| sle11-sp2-sdk.ppc sle11-sp1-sdk.x86 sled11-sp1.x86 sle11-sp2-sdk.s390x sle11-sp1-sdk.s390x sled11-sp2.x86-64 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sle11-sp2-sdk.x86-64 sled11-sp2.x86 sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sle11-sp2-sdk.ia64 sle11-sp2-sdk.x86 SAT Patch Nr: 6542 |
| SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 |
| sle11-sp2-sdk.ppc sle11-sp1-sdk.x86 sled11-sp1.x86 sle11-sp2-sdk.s390x sle11-sp1-sdk.s390x sled11-sp2.x86-64 sle11-sp1-sdk.ppc sle11-sp1-sdk.ia64 sle11-sp2-sdk.x86-64 sled11-sp2.x86 sled11-sp1.x86-64 sle11-sp1-sdk.x86-64 sle11-sp2-sdk.ia64 sle11-sp2-sdk.x86 SAT Patch Nr: 6542 |
| SLE SDK 10 SP4 for IBM iSeries and IBM pSeries SLE SDK 10 SP4 for IBM zSeries SLE SDK 10 SP4 for IPF SLE SDK 10 SP4 for X86-64 SLE SDK 10 SP4 for x86 SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP4 for x86 |
| sled10-sp4.x86-64 sle10-sp4-sdk.s390x sled10-sp4.x86 sle10-sp4-sdk.x86-64 sle10-sp4-sdk.ppc sle10-sp4-sdk.x86 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 8219 |