CVE-2011-2485 assignment notification -- gdk-pixbuf

[Jan Lieskovsky <jlieskov () redhat com>]

Hello Josh, Steve, vendors,

  the following security flaw has been found in the way gdk-pixbuf, an
image loading library, loaded certain Graphics Interchange Format (GIF) 
image files:
=======================================================================

It was found that gdk-pixbuf's gdk_pixbuf__gif_image_load() GIF image 
loader routine did not properly handle certain return values from its
subroutines. A remote attacker could provide a specially-crafted GIF
image, which once opened in an application, linked against gdk-pixbuf
would lead to gdk-pixbuf to return partially initialized pixbuf
structure, possibly having huge width and height, leading to that
particular application termination due excessive memory use.

The CVE identifier of CVE-2011-2485 has been assigned to this issue.

References:

[1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2485
[2] 
http://git.gnome.org/browse/gdk-pixbuf/commit/?id=f8569bb13e2aa1584dde61ca545144750f7a7c98

This issue could lead (for example) in Pidgin to:
=================================================

A remote attacker could set a specially-crafted GIF image as their
buddy icon that could lead to Pidgin being terminated due to excessive
memory use.

References:
[3] https://bugzilla.redhat.com/show_bug.cgi?id=714754
[4] http://www.pidgin.im/news/security/?id=52

Credit: Issue has been discovered and reported by Mark Doliner
        of the Pidgin project.

We did not allocate a second CVE identifier for the Pidgin issue,
since the true underlying reason for this was the gdk-pixbuf image 
loading library problem. This is based on last paragraph from:
[5] http://www.openwall.com/lists/oss-security/2011/03/30/3

more exactly on that part about 'issues like incorrectly
reporting error status from an API function' (although this not
being case of compiler, but rather case of library).

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team