Three security flaws have been reported: [1] http://secunia.com/secunia_research/2010-102/ against libgdiplus (more from [1]): 1) An integer overflow error within the "gdip_load_tiff_image()" function in src/tiffcodec.c can be exploited to cause a heap-based buffer overflow by e.g. processing specially crafted TIFF images in an application using the library. 2) An integer overflow error within the "gdip_load_jpeg_image_internal()" function in src/jpegcodec.c can be exploited to cause a heap-based buffer overflow by e.g. processing specially crafted JPEG images in an application using the library. 3) An integer overflow error within the "gdip_read_bmp_image()" function in src/bmpcodec.c can be exploited to cause a heap-based buffer overflow by e.g. processing specially crafted BMP images in an application using the library. CVE identifier of CVE-2010-1526 has been assigned to these issues. References: [2] http://github.com/mono/libgdiplus Upstream changeset: [3] http://github.com/mono/libgdiplus/commit/6779fbf994d5270720ccb1687ba8b004e20a1821
These issues affect the versions of libgdiplus package, as shipped with Fedora release of 12 and 13. Please fix.
Created libgdiplus tracking bugs for this issue Affects: fedora-all [bug 626829]