Security Advisory Details

NS-SA-2025-0117

2025-07-25 16:49:52

Summary

important: gdk-pixbuf2/libblockdev security update

Severity

important

Topic

An update for gdk-pixbuf2/libblockdev is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Detailed Description

gdk-pixbuf2:
libblockdev:


Security Fix(es):
gdk-pixbuf2: A flaw was found in GNOME's GdkPixbuf library, a library used to load image data in various formats used by GDK for handling graphical assets. This issue occurs when loading a crafted ANI (animated cursor) file, which may lead to a heap-based out-of-bounds write, causing memory corruption. A successful attack can lead to a denial of service or, in some cases, arbitrary code execution. (CVE-2022-48622)
gdk-pixbuf2: bugfix
libblockdev: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able to escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. (CVE-2025-6019)
libblockdev: bugfix
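
The libblockdev description above turns on a mount that lacks the nosuid and nodev flags. The following is an added example, not part of the vendor advisory: a triage check that lists loop-backed mounts missing either flag. Treating `/dev/loop*` as the marker for image-backed mounts is an assumption of this example, and the sample mount table is constructed.

```python
import re

REQUIRED = {"nosuid", "nodev"}  # flags the advisory says udisks normally applies

# Constructed sample in /proc/self/mounts format (not taken from a real host).
SAMPLE = """\
/dev/sda2 / xfs rw,relatime,attr2,inode64 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/loop0 /run/media/alice/disk xfs rw,nosuid,nodev,relatime 0 0
/dev/loop1 /tmp/example-mnt xfs rw,relatime,attr2,inode64 0 0
/dev/loop2 /mnt/my\\040image ext4 rw,nosuid,relatime 0 0
"""

def unescape(field):
    """The kernel writes space, tab, newline and backslash as octal escapes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Yield (device, mountpoint, fstype, options) for each well-formed line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or truncated lines
        dev, mnt, fstype, opts = fields[:4]
        yield unescape(dev), unescape(mnt), fstype, set(opts.split(","))

def loop_mounts_missing_flags(text):
    """Return loop-backed mounts that lack nosuid and/or nodev."""
    findings = []
    for dev, mnt, fstype, opts in parse_mounts(text):
        missing = sorted(REQUIRED - opts)
        if dev.startswith("/dev/loop") and missing:
            findings.append((dev, mnt, fstype, missing))
    return findings

if __name__ == "__main__":
    try:
        with open("/proc/self/mounts") as fh:
            data = fh.read()
    except OSError:
        data = SAMPLE  # fall back to the constructed sample off-Linux
    for dev, mnt, fstype, missing in loop_mounts_missing_flags(data):
        print(f"{dev} on {mnt!r} ({fstype}) lacks: {', '.join(missing)}")
```

Hits are leads for review rather than proof of compromise, since an administrator can legitimately mount a loop device without these flags.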


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.03B8.

Affected Components

  • gdk-pixbuf2
  • libblockdev

Affected Products

  • CGSL MAIN 7.02

Updated Packages

Product: CGSL MAIN 7.02

Source: gdk-pixbuf2-2.42.10-2.zncgsl7.3.src.rpm

  • gdk-pixbuf2-modules-2.42.10-2.zncgsl7.3.x86_64.rpm
  • gdk-pixbuf2-2.42.10-2.zncgsl7.3.x86_64.rpm
  • gdk-pixbuf2-devel-2.42.10-2.zncgsl7.3.x86_64.rpm

Source: libblockdev-2.28-5.zncgsl7.6.src.rpm

  • python3-blockdev-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-part-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-swap-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-mdraid-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-loop-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-fs-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-crypto-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-nvdimm-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-lvm-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-kbd-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-mpath-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-dm-2.28-5.zncgsl7.6.x86_64.rpm
  • libblockdev-utils-2.28-5.zncgsl7.6.x86_64.rpm

CVE

References