Login

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Mehrere Probleme in GTK+
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in GTK+
ID: DSA-549-1
Distribution: Debian
Plattformen: Debian woody
Datum: So, 19. September 2004, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 549-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 17th, 2004                    http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : gtk+2.0
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0782 CAN-2004-0783 CAN-2004-0788

Chris Evans discovered several problems in gdk-pixbuf, the GdkPixBuf
library used in Gtk.  It is possible for an attacker to execute
arbitrary code on the victims machine.  Gdk-pixbuf for Gtk+1.2 is an
external package.  For Gtk+2.0 it's part of the main gtk package.

The Common Vulnerabilities and Exposures Project identifies the
following vulnerabilities:

CAN-2004-0782

    Heap-based overflow in pixbuf_create_from_xpm.

CAN-2004-0783

    Stack-based overflow in xpm_extract_color.

CAN-2004-0788

    Integer overflow in the ico loader.

For the stable distribution (woody) these problems have been fixed in
version 2.0.2-5woody2.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your Gtk packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    gtk+2.0_2.0.2-5woody2.dsc
      Size/MD5 checksum:      863 e1fb1114b9e8a2a41696f9ce87e63695
    gtk+2.0_2.0.2-5woody2.diff.gz
      Size/MD5 checksum:    46831 2efce3a3481974044c1a6a1011954f18
    gtk+2.0_2.0.2.orig.tar.gz
      Size/MD5 checksum:  7835836 dc80381b84458d944c5300a1672c099c

  Architecture independent components:

    libgtk2.0-doc_2.0.2-5woody2_all.deb
      Size/MD5 checksum:  1378706 d2d6f488c0a77c93ed5a8fd151741543

  Alpha architecture:

    gtk2.0-examples_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:   220806 d754d0cecc3f82d64be319c55dff5c8e
    libgtk-common_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:     1102 d3ccf8d6e3b666f6dc71c35f20a6cb77
    libgtk2.0-0_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:  1585238 13f238596d197ad27933c3f3e27269f7
    libgtk2.0-common_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:   595896 57264f5be6eb488ea9607cd2f7058e08
    libgtk2.0-dbg_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:  5878498 0ffc094ffe8ef6fdd11b38484ea90477
    libgtk2.0-dev_2.0.2-5woody2_alpha.deb
      Size/MD5 checksum:   178322 14de2746abdb546a703aeec243e28a12

  ARM architecture:

    gtk2.0-examples_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:   214610 c2a2b4874321a68a912afcac8efe4432
    libgtk-common_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:     1106 d78aba4e1a787ac217dc055dc8e5d77a
    libgtk2.0-0_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:  1419902 92ed65acd376e565968d534df0e56b4f
    libgtk2.0-common_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:   595286 a8f465878ea70bb232fc4fc7d460462d
    libgtk2.0-dbg_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:  2904044 843cba67b1831b001b9186c11d7d5c72
    libgtk2.0-dev_2.0.2-5woody2_arm.deb
      Size/MD5 checksum:   177272 f02861b5aa96ea782f041db0ba00fe11

  Intel IA-32 architecture:

    gtk2.0-examples_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:   214932 abd81a3388a82c15364189b0321c931a
    libgtk-common_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:     1102 6a63e94e140d45afd8d30f1a6aeaf4fa
    libgtk2.0-0_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:  1289428 a1f0196674f1556a9700a29912ed4b77
    libgtk2.0-common_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:   595384 485b9ec09c0ddfa5564b25c2fcec58f7
    libgtk2.0-dbg_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:  2722306 a59b27568500db9dcd8a2ffbf2866f2b
    libgtk2.0-dev_2.0.2-5woody2_i386.deb
      Size/MD5 checksum:   177140 245e88cb2addad57e7273b76fb145930

  Intel IA-64 architecture:

    gtk2.0-examples_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:   230652 df3f392fc1d8f749134f03413e6b07b3
    libgtk-common_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:     1098 9f692a19e0d16699852bf7c16de2a05b
    libgtk2.0-0_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:  2076782 8b4e1e4a232881916a2da1f39f3bff18
    libgtk2.0-common_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:   596736 fbaedfd29974d78a92de77666be3ca6a
    libgtk2.0-dbg_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:  9450414 6c1356d0a6caac17bcfee6794c7eb0e3
    libgtk2.0-dev_2.0.2-5woody2_ia64.deb
      Size/MD5 checksum:   178702 a248446a3b02a0a3bc7695bc364423d0

  HP Precision architecture:

    gtk2.0-examples_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:   220414 5541da711355e2a8f43e9fc113ef0768
    libgtk-common_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:     1104 527a4a2a3c489297eeb7ba3cbfd438a4
    libgtk2.0-0_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:  1718082 f4f7d125622fb444f1e4f0cedc8a4e2d
    libgtk2.0-common_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:   595658 50ed99e08d60d5de0abbdb1d26775c26
    libgtk2.0-dbg_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:  3317262 ba0fa17d9fa8b56a0f55b59e6768bfa7
    libgtk2.0-dev_2.0.2-5woody2_hppa.deb
      Size/MD5 checksum:   177784 fa9a3da8d0bcc4786c2c1ddea49dc75d

  Motorola 680x0 architecture:

    gtk2.0-examples_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:   214628 952fad1b5e2cf93ceda4d5d63e19f765
    libgtk-common_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:     1108 8ced141cb0b5be513e6c6561d12c5a63
    libgtk2.0-0_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:  1331140 e2aba56732d36042f31066ddf8c028d8
    libgtk2.0-common_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:   595398 9b672797a3c23ee8a2f8a3efc71d3c71
    libgtk2.0-dbg_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:  2833708 f651eb5d6120d31e7f3928e74aba8980
    libgtk2.0-dev_2.0.2-5woody2_m68k.deb
      Size/MD5 checksum:   177030 9845cbf7bf9e07645dcb77274b5c33ab

  Big endian MIPS architecture:

    gtk2.0-examples_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:   215928 d7588d79c18352e3338f2f4e63d5965a
    libgtk-common_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:     1106 7cf40a77a0343f3e5a31ded6dc331490
    libgtk2.0-0_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:  1384582 1dfc5eb807003319d401f80c94c6bf90
    libgtk2.0-common_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:   595756 3ef292a9f9f3dec4a2c141673881ed96
    libgtk2.0-dbg_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:  4934272 a54b24f1384ed35991e791dc307a69ba
    libgtk2.0-dev_2.0.2-5woody2_mips.deb
      Size/MD5 checksum:   177508 35d84c694be2215cc97aaf7142446949

  Little endian MIPS architecture:

    gtk2.0-examples_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:   215604 5cc6dd64570c935fd94dee4f087233e7
    libgtk-common_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:     1104 fe87437ef7062d2f594a8939f4fc32d5
    libgtk2.0-0_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:  1375248 f06ee4d4dfa8c6f83da5463e1d6c68e0
    libgtk2.0-common_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:   595704 0843d132d11c21f4dacc713cce9bfe86
    libgtk2.0-dbg_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:  4789102 a8434a64c728d1681e0cb67579f57115
    libgtk2.0-dev_2.0.2-5woody2_mipsel.deb
      Size/MD5 checksum:   177524 2c4c179ee681e7bc9660b5779c1cd789

  PowerPC architecture:

    gtk2.0-examples_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:   214682 98b2500d59c65aba8ee0b11182075ee7
    libgtk-common_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:     1106 dc96de399a2ff8b240b3c617aed8eec9
    libgtk2.0-0_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:  1504824 62e8dd6e29202ec7b93125608e0843de
    libgtk2.0-common_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:   595492 2149f524cfd0d8c000d9b898558adf2f
    libgtk2.0-dbg_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:  2980810 1fb39be5851af4c2b7bed18211f07f7f
    libgtk2.0-dev_2.0.2-5woody2_powerpc.deb
      Size/MD5 checksum:   177308 50c27f03e3cbb55460682bb4cc78f288

  IBM S/390 architecture:

    gtk2.0-examples_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:   217456 f09ceaad55029059c3c0881d810f0588
    libgtk-common_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:     1102 13c51d35dd739aa20cde20ac8407c264
    libgtk2.0-0_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:  1446606 fed3c63829a9f11ca862cec3561f3460
    libgtk2.0-common_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:   595662 ce432586ed7c73c0d5e8bda255b4d4af
    libgtk2.0-dbg_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:  3004760 251ada8d3dd7f4390d48c6fd1b00f85b
    libgtk2.0-dev_2.0.2-5woody2_s390.deb
      Size/MD5 checksum:   177364 4085419a638670f3e6a227b073bcfe9d

  Sun Sparc architecture:

    gtk2.0-examples_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:   215616 e4b0fca8e9a4d954713615b223036a25
    libgtk-common_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:     1102 75aefe007d272f0d459848aa984d76ed
    libgtk2.0-0_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:  1434138 47f684ef7bb814f884efb45a4dc7ef51
    libgtk2.0-common_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:   595332 6684502ffc4b161929b3c0996f5e436f
    libgtk2.0-dbg_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:  2872322 a69e4200c018c48c1bfd4c4d140891dc
    libgtk2.0-dev_2.0.2-5woody2_sparc.deb
      Size/MD5 checksum:   177178 3e2de7e036b45561d918905d08720ae8


  These files will probably be moved into the stable distribution on
  its next update.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBSq19W5ql+IAeqTIRArMSAKCT5ZJPFhftlGpFla1SzQEwt3vu5ACeN6qs
XdA0qjsHg/CZGyy4AZGXY0U=
=UANQ
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Gewinnspiel
Neue Nachrichten

10
Firefox 22 aktiviert WebRTC

9
10 Jahre Groklaw

15
Kroatiens Prä­si­dent lobt den kreativen Geist der Open-Sour­ce Ge­mein­schaft

2
Sernet bietet Sam­ba4-Kom­plett­pa­ke­te für ver­schie­de­ne Dis­tri­bu­tio­nen

19
Linux: Si­cher­heits­lü­cke erlaubt Roo­t-Zu­griff

1
Ge­winn­spiel: Ein­tritts­kar­ten für den LinuxTag 2013

22
Neue An­dro­id-Ent­wick­lungs­um­ge­bung Android Studio

0
Open-IT Summit am 22. und 23. Mai auf dem LinuxTag

0
OpenAPC 3.0 mit Be­am­Con­struc­t-SDK

25
Canonical zeigt Vorschau auf Mir und Uni­ty­-Next
 
Werbung