Errata overview
Errata ID 375
Date 2018-05-08
Source package gdk-pixbuf
Fixed in version 2.31.1-2+deb8u7
This update addresses the following issue:
* An exploitable heap overflow vulnerability exists in the
  gdk_pixbuf__jpeg_image_load_increment functionality. A specially crafted
  jpeg file can cause a heap overflow resulting in remote code execution. An
  attacker can send a file or url to trigger this vulnerability.
* Several integer overflow issues in the gif_get_lzw function resulting in
  memory corruption and potential code execution (CVE-2017-1000422)
Additional notes
CVE ID CVE-2017-2862
UCS Bug number #45603