Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2022:0005
Issued: 2022-01-19
Updated: 2022-01-19
Summary
gegl security update
Severity
Important
Description
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:
CVE-2021-45463:
GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load.
References
Updated Packages
- aarch64
- gegl-0.2.0-19.1.al7.1.aarch64.rpm → (download)
- gegl-debuginfo-0.2.0-19.1.al7.1.aarch64.rpm → (download)
- gegl-devel-0.2.0-19.1.al7.1.aarch64.rpm → (download)
- i686
- gegl-0.2.0-19.1.al7.1.i686.rpm → (download)
- gegl-debuginfo-0.2.0-19.1.al7.1.i686.rpm → (download)
- gegl-devel-0.2.0-19.1.al7.1.i686.rpm → (download)
- src
- gegl-0.2.0-19.1.al7.1.src.rpm → (download)
- x86_64
- gegl-0.2.0-19.1.al7.1.x86_64.rpm → (download)
- gegl-debuginfo-0.2.0-19.1.al7.1.x86_64.rpm → (download)
- gegl-devel-0.2.0-19.1.al7.1.x86_64.rpm → (download)