An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.
Created gthumb tracking bugs for this issue:
Affects: epel-7 [bug 1646710]
Affects: fedora-all [bug 1646709]
This issue did not affect the versions of gthumb as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include the vulnerable code.