[SECURITY] Fedora 23 Update: imlib2-1.4.8-1.fc23

updates at fedoraproject.org updates at fedoraproject.org
Wed Apr 13 07:29:10 UTC 2016 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-f8eee2e628
2016-04-13 03:26:08.777154
--------------------------------------------------------------------------------

Name        : imlib2
Product     : Fedora 23
Version     : 1.4.8
Release     : 1.fc23
URL         : http://docs.enlightenment.org/api/imlib2/html/
Summary     : Image loading, saving, rendering, and manipulation library
Description :
Imlib 2 is a library that does image file loading and saving as well
as rendering, manipulation, arbitrary polygon support, etc.  It does
ALL of these operations FAST. Imlib2 also tries to be highly
intelligent about doing them, so writing naive programs can be done
easily, without sacrificing speed.  This is a complete rewrite over
the Imlib 1.x series. The architecture is more modular, simple, and
flexible.

--------------------------------------------------------------------------------
Update Information:

Rebase to the new upstream bugfix-only version. Add security fixes for the
referenced bugs.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1323060 - CVE-2016-3994 imlib2: out of bound read in GIF loader
        https://bugzilla.redhat.com/show_bug.cgi?id=1323060
  [ 2 ] Bug #1323080 - CVE-2011-5326 imlib2: divide by zero on 2x1 ellipse
        https://bugzilla.redhat.com/show_bug.cgi?id=1323080
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update imlib2' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list