OESA-2025-1866
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1866
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-1866.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2025-1866
- Upstream
- Published
- 2025-07-18T14:49:46Z
- Modified
- 2025-08-12T05:52:25.763372Z
- Summary
- gdk-pixbuf2 security update
- Details
-
gdk is written in C but has been designed from the ground up to support a wide range of languages. It provide a complete set of widgets,and suitable for projects ranging from small one-off tools to complete application suites.
Security Fix(es):
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.(CVE-2025-6199)
- Database specific
{ "severity": "Low" }- References
Affected packages
openEuler:20.03-LTS-SP4 / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.40.0-7.oe2003sp4
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.40.0-7.oe2003sp4.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.40.0-7.oe2003sp4.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.40.0-7.oe2003sp4.aarch64.rpm",
"gdk-pixbuf2-devel-2.40.0-7.oe2003sp4.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.40.0-7.oe2003sp4.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.40.0-7.oe2003sp4.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.40.0-7.oe2003sp4.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.40.0-7.oe2003sp4.x86_64.rpm",
"gdk-pixbuf2-devel-2.40.0-7.oe2003sp4.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.40.0-7.oe2003sp4.noarch.rpm"
]
}
openEuler:22.03-LTS-SP3 / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.42.6-8.oe2203sp3
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.42.6-8.oe2203sp3.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.6-8.oe2203sp3.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.6-8.oe2203sp3.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.6-8.oe2203sp3.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.6-8.oe2203sp3.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.6-8.oe2203sp3.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.42.6-8.oe2203sp3.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.42.6-8.oe2203sp3.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.6-8.oe2203sp3.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.6-8.oe2203sp3.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.6-8.oe2203sp3.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.6-8.oe2203sp3.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.6-8.oe2203sp3.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.42.6-8.oe2203sp3.noarch.rpm"
]
}
openEuler:22.03-LTS-SP4 / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.42.6-8.oe2203sp4
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.42.6-8.oe2203sp4.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.6-8.oe2203sp4.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.6-8.oe2203sp4.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.6-8.oe2203sp4.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.6-8.oe2203sp4.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.6-8.oe2203sp4.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.42.6-8.oe2203sp4.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.42.6-8.oe2203sp4.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.6-8.oe2203sp4.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.6-8.oe2203sp4.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.6-8.oe2203sp4.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.6-8.oe2203sp4.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.6-8.oe2203sp4.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.42.6-8.oe2203sp4.noarch.rpm"
]
}
openEuler:24.03-LTS / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-24.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.42.10-5.oe2403sp2
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403.aarch64.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp2.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.42.10-5.oe2403.src.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp1.src.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp2.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403.x86_64.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp2.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.42.10-5.oe2403.noarch.rpm",
"gdk-pixbuf2-help-2.42.10-5.oe2403sp1.noarch.rpm",
"gdk-pixbuf2-help-2.42.10-5.oe2403sp2.noarch.rpm"
]
}
openEuler:24.03-LTS-SP1 / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.42.10-5.oe2403sp1
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp1.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp1.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.42.10-5.oe2403sp1.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp1.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp1.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.42.10-5.oe2403sp1.noarch.rpm"
]
}
openEuler:24.03-LTS-SP2 / gdk-pixbuf2
Package
- Name
- gdk-pixbuf2
- Purl
- pkg:rpm/openEuler/gdk-pixbuf2&distro=openEuler-24.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.42.10-5.oe2403sp2
Ecosystem specific
{
"aarch64": [
"gdk-pixbuf2-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp2.aarch64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp2.aarch64.rpm"
],
"src": [
"gdk-pixbuf2-2.42.10-5.oe2403sp2.src.rpm"
],
"x86_64": [
"gdk-pixbuf2-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-debuginfo-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-debugsource-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-devel-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-modules-2.42.10-5.oe2403sp2.x86_64.rpm",
"gdk-pixbuf2-tests-2.42.10-5.oe2403sp2.x86_64.rpm"
],
"noarch": [
"gdk-pixbuf2-help-2.42.10-5.oe2403sp2.noarch.rpm"
]
}