openSUSE-SU-2016:2374-1: moderate: Security update for gtk2

24 Sep 2016

      openSUSE Security Update: Security update for gtk2
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:2374-1
Rating:             moderate
References:         #966682 #999375 
Cross-References:   CVE-2013-7447
Affected Products:
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that solves one vulnerability and has one errata
   is now available.

Description:

   This gtk2 update to version 2.24.31 fixes the following issues:

   Security issues fixed:
   - CVE-2013-7447: Fixed integer overflow in image handling (boo#966682).

   Bugs fixed:
   - Changes from version 2.24.31:
     + Backport many file chooser entry fixes and cleanups.
     + Don't crash if invisible files are deleted.
     + Bugs fixed: bgo#555087, bgo#586367, bgo#635287, bgo#640698,
       bgo#648419, bgo#672271, bgo#679333, bgo#687196, bgo#703220
       (CVE-2013-7447), bgo#720330, bgo#729927, bgo#737777, bgo#752707,
       bgo#756450, bgo#765120, bgo#765193, bgo#768163, bgo#764996, bgo#769126.

   GTK2 Engine and branding packages were rebuilt to match the updated gtk2
   package (boo#999375).

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2016-1118=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.1 (i586 x86_64):

      gtk2-debugsource-2.24.31-11.2
      gtk2-devel-2.24.31-11.2
      gtk2-devel-debuginfo-2.24.31-11.2
      gtk2-engine-clearlooks-2.20.2-29.3
      gtk2-engine-clearlooks-debuginfo-2.20.2-29.3
      gtk2-engine-crux-2.20.2-29.3
      gtk2-engine-crux-debuginfo-2.20.2-29.3
      gtk2-engine-glide-2.20.2-29.3
      gtk2-engine-glide-debuginfo-2.20.2-29.3
      gtk2-engine-hcengine-2.20.2-29.3
      gtk2-engine-hcengine-debuginfo-2.20.2-29.3
      gtk2-engine-industrial-2.20.2-29.3
      gtk2-engine-industrial-debuginfo-2.20.2-29.3
      gtk2-engine-mist-2.20.2-29.3
      gtk2-engine-mist-debuginfo-2.20.2-29.3
      gtk2-engine-redmond95-2.20.2-29.3
      gtk2-engine-redmond95-debuginfo-2.20.2-29.3
      gtk2-engine-thinice-2.20.2-29.3
      gtk2-engine-thinice-debuginfo-2.20.2-29.3
      gtk2-engines-2.20.2-29.3
      gtk2-engines-debugsource-2.20.2-29.3
      gtk2-engines-devel-2.20.2-29.3
      gtk2-immodule-amharic-2.24.31-11.2
      gtk2-immodule-amharic-debuginfo-2.24.31-11.2
      gtk2-immodule-inuktitut-2.24.31-11.2
      gtk2-immodule-inuktitut-debuginfo-2.24.31-11.2
      gtk2-immodule-multipress-2.24.31-11.2
      gtk2-immodule-multipress-debuginfo-2.24.31-11.2
      gtk2-immodule-thai-2.24.31-11.2
      gtk2-immodule-thai-debuginfo-2.24.31-11.2
      gtk2-immodule-vietnamese-2.24.31-11.2
      gtk2-immodule-vietnamese-debuginfo-2.24.31-11.2
      gtk2-immodule-xim-2.24.31-11.2
      gtk2-immodule-xim-debuginfo-2.24.31-11.2
      gtk2-immodules-tigrigna-2.24.31-11.2
      gtk2-immodules-tigrigna-debuginfo-2.24.31-11.2
      gtk2-tools-2.24.31-11.2
      gtk2-tools-debuginfo-2.24.31-11.2
      libgtk-2_0-0-2.24.31-11.2
      libgtk-2_0-0-debuginfo-2.24.31-11.2
      typelib-1_0-Gtk-2_0-2.24.31-11.2

   - openSUSE Leap 42.1 (x86_64):

      gtk2-devel-32bit-2.24.31-11.2
      gtk2-devel-debuginfo-32bit-2.24.31-11.2
      gtk2-engine-clearlooks-32bit-2.20.2-29.3
      gtk2-engine-clearlooks-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-crux-32bit-2.20.2-29.3
      gtk2-engine-crux-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-glide-32bit-2.20.2-29.3
      gtk2-engine-glide-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-industrial-32bit-2.20.2-29.3
      gtk2-engine-industrial-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-mist-32bit-2.20.2-29.3
      gtk2-engine-mist-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-redmond95-32bit-2.20.2-29.3
      gtk2-engine-redmond95-debuginfo-32bit-2.20.2-29.3
      gtk2-engine-thinice-32bit-2.20.2-29.3
      gtk2-engine-thinice-debuginfo-32bit-2.20.2-29.3
      gtk2-immodule-amharic-32bit-2.24.31-11.2
      gtk2-immodule-amharic-debuginfo-32bit-2.24.31-11.2
      gtk2-immodule-inuktitut-32bit-2.24.31-11.2
      gtk2-immodule-inuktitut-debuginfo-32bit-2.24.31-11.2
      gtk2-immodule-multipress-32bit-2.24.31-11.2
      gtk2-immodule-multipress-debuginfo-32bit-2.24.31-11.2
      gtk2-immodule-thai-32bit-2.24.31-11.2
      gtk2-immodule-thai-debuginfo-32bit-2.24.31-11.2
      gtk2-immodule-vietnamese-32bit-2.24.31-11.2
      gtk2-immodule-vietnamese-debuginfo-32bit-2.24.31-11.2
      gtk2-immodule-xim-32bit-2.24.31-11.2
      gtk2-immodule-xim-debuginfo-32bit-2.24.31-11.2
      gtk2-immodules-tigrigna-32bit-2.24.31-11.2
      gtk2-immodules-tigrigna-debuginfo-32bit-2.24.31-11.2
      gtk2-tools-32bit-2.24.31-11.2
      gtk2-tools-debuginfo-32bit-2.24.31-11.2
      libgtk-2_0-0-32bit-2.24.31-11.2
      libgtk-2_0-0-debuginfo-32bit-2.24.31-11.2

   - openSUSE Leap 42.1 (noarch):

      gtk2-branding-SLED-42.1-13.1
      gtk2-branding-openSUSE-42.1-13.1
      gtk2-branding-upstream-2.24.31-11.2
      gtk2-data-2.24.31-11.2
      gtk2-lang-2.24.31-11.2
      gtk2-theme-clearlooks-2.20.2-29.3
      gtk2-theme-crux-2.20.2-29.3
      gtk2-theme-industrial-2.20.2-29.3
      gtk2-theme-mist-2.20.2-29.3
      gtk2-theme-redmond95-2.20.2-29.3
      gtk2-theme-thinice-2.20.2-29.3

References:

   https://www.suse.com/security/cve/CVE-2013-7447.html
   https://bugzilla.suse.com/966682
   https://bugzilla.suse.com/999375

opensuse-security＠opensuse.org

tags

participants (1)