USN-2898-2: Eye of GNOME vulnerability
15 February 2016
Eye of GNOME could be made to crash or run programs as your login if it opened a specially crafted image.
Releases
Packages
- eog - Eye of GNOME graphics viewer program
Details
It was discovered that Eye of GNOME incorrectly handled certain large
images. If a user were tricked into opening a specially-crafted image, a
remote attacker could use this issue to cause Eye of GNOME to crash,
resulting in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10
Ubuntu 14.04
Ubuntu 12.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-2898-1: libgail18, libgail-doc, libgtk-3-0, gtk+3.0, gir1.2-gtk-2.0, libgail-dev, libgtk2.0-common, libgtk2.0-bin, libgtk2.0-dev, gtk+2.0, libgtk2.0-0-udeb, gtk2-engines-pixbuf, libgtk2.0-doc, gtk2.0-examples, libgail-common, libgtk2.0-0