{"affected":[{"ecosystem_specific":{"binaries":[{"gtk2-devel":"2.18.9-0.44.1","gtk2-devel-32bit":"2.18.9-0.44.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 11 SP4","name":"gtk2","purl":"pkg:rpm/suse/gtk2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.9-0.44.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gtk2":"2.18.9-0.44.1","gtk2-32bit":"2.18.9-0.44.1","gtk2-doc":"2.18.9-0.44.1","gtk2-lang":"2.18.9-0.44.1","gtk2-x86":"2.18.9-0.44.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4","name":"gtk2","purl":"pkg:rpm/suse/gtk2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.9-0.44.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gtk2":"2.18.9-0.44.1","gtk2-32bit":"2.18.9-0.44.1","gtk2-doc":"2.18.9-0.44.1","gtk2-lang":"2.18.9-0.44.1","gtk2-x86":"2.18.9-0.44.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 11 SP4","name":"gtk2","purl":"pkg:rpm/suse/gtk2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.18.9-0.44.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for gtk2 fixes the following security issues:\n\n- CVE-2016-6352: Some crashes were fixed, including a out of bounds\n  write in the OneLine32() function that could be used by attackers to\n  crash GTK/GDK programs.\n- CVE-2013-7447: Avoid overflow when allocating a cairo pixbuf (bsc#966682).\n","id":"SUSE-SU-2016:2532-1","modified":"2016-10-13T15:56:41Z","published":"2016-10-13T15:56:41Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20162532-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/966682"},{"type":"REPORT","url":"https://bugzilla.suse.com/988745"},{"type":"REPORT","url":"https://bugzilla.suse.com/991450"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-7447"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6352"}],"related":["CVE-2013-7447","CVE-2016-6352"],"summary":"Security update for gtk2","upstream":["CVE-2013-7447","CVE-2016-6352"]}