Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2016-7776983633
Please login to add feedback.
This update has been submitted for testing by jridky.
This update has been pushed to testing.
works for me
LGTM
This update has been submitted for stable by bodhi.
works for me
This update has been pushed to stable.
This breaks gnome-software (and really, anything that tries to load files using gtk-pixbuf) and prevents it starting:
GtkPixbuf actually depends on the -1 buffer size to support auto-expanding the memory buffer at runtime, so changing the API by making the field unsigned breaks as GTK then tries to allocate a huge buffer.
Users of the updated lib seem to very reliably crash.