gdk-pixbuf-devel-2.42.12-4.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:15397-1 Final 1 1 2025-07-31T00:00:00Z current 2025-07-31T00:00:00Z 2025-07-31T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z gdk-pixbuf-devel-2.42.12-4.1 on GA media These are all security issues fixed in the gdk-pixbuf-devel-2.42.12-4.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-15397 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-6199/ SUSE CVE CVE-2025-6199 page openSUSE Tumbleweed gdk-pixbuf-devel-2.42.12-4.1 gdk-pixbuf-devel-32bit-2.42.12-4.1 gdk-pixbuf-lang-2.42.12-4.1 gdk-pixbuf-query-loaders-2.42.12-4.1 gdk-pixbuf-query-loaders-32bit-2.42.12-4.1 gdk-pixbuf-thumbnailer-2.42.12-4.1 libgdk_pixbuf-2_0-0-2.42.12-4.1 libgdk_pixbuf-2_0-0-32bit-2.42.12-4.1 typelib-1_0-GdkPixbuf-2_0-2.42.12-4.1 typelib-1_0-GdkPixdata-2_0-2.42.12-4.1 gdk-pixbuf-devel-2.42.12-4.1 as a component of openSUSE Tumbleweed gdk-pixbuf-devel-32bit-2.42.12-4.1 as a component of openSUSE Tumbleweed gdk-pixbuf-lang-2.42.12-4.1 as a component of openSUSE Tumbleweed gdk-pixbuf-query-loaders-2.42.12-4.1 as a component of openSUSE Tumbleweed gdk-pixbuf-query-loaders-32bit-2.42.12-4.1 as a component of openSUSE Tumbleweed gdk-pixbuf-thumbnailer-2.42.12-4.1 as a component of openSUSE Tumbleweed libgdk_pixbuf-2_0-0-2.42.12-4.1 as a component of openSUSE Tumbleweed libgdk_pixbuf-2_0-0-32bit-2.42.12-4.1 as a component of openSUSE Tumbleweed typelib-1_0-GdkPixbuf-2_0-2.42.12-4.1 as a component of openSUSE Tumbleweed typelib-1_0-GdkPixdata-2_0-2.42.12-4.1 as a component of openSUSE Tumbleweed A flaw was found in the GIF parser of GdkPixbuf's LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image. CVE-2025-6199 openSUSE Tumbleweed:gdk-pixbuf-devel-2.42.12-4.1 openSUSE Tumbleweed:gdk-pixbuf-devel-32bit-2.42.12-4.1 openSUSE Tumbleweed:gdk-pixbuf-lang-2.42.12-4.1 openSUSE Tumbleweed:gdk-pixbuf-query-loaders-2.42.12-4.1 openSUSE Tumbleweed:gdk-pixbuf-query-loaders-32bit-2.42.12-4.1 openSUSE Tumbleweed:gdk-pixbuf-thumbnailer-2.42.12-4.1 openSUSE Tumbleweed:libgdk_pixbuf-2_0-0-2.42.12-4.1 openSUSE Tumbleweed:libgdk_pixbuf-2_0-0-32bit-2.42.12-4.1 openSUSE Tumbleweed:typelib-1_0-GdkPixbuf-2_0-2.42.12-4.1 openSUSE Tumbleweed:typelib-1_0-GdkPixdata-2_0-2.42.12-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-6199.html CVE-2025-6199 https://bugzilla.suse.com/1245227 SUSE Bug 1245227