Login

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Mehrere Probleme in gdk-pixbuf
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in gdk-pixbuf
ID: FEDORA-2005-1085
Distribution: Fedora
Plattformen: Fedora Core 4
Datum: Di, 15. November 2005, 18:47
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186

Originalnachricht

 
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1085
2005-11-15
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : gdk-pixbuf
Version     : 0.22.0                      
Release     : 18.fc4.2                  
Summary     : An image loading library used with GNOME.
Description :
The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment. The GdkPixBuf library provides image
loading facilities, the rendering of a GdkPixBuf into various formats
(drawables or GdkRGB buffers), and a cache interface.

---------------------------------------------------------------------
Update Information:

The gdk-pixbuf package contains an image loading library
used with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes XPM images.
An attacker could create a carefully crafted XPM file in
such a way that it could cause an application linked with
gdk-pixbuf to execute arbitrary code when the file was
opened by a victim. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-3186 to this issue.

Ludwig Nussel discovered an integer overflow bug in the way
gdk-pixbuf processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause
an application linked with gdk-pixbuf to execute arbitrary
code or crash when the file was opened by a victim. The
Common Vulnerabilities and Exposures project has assigned
the name CVE-2005-2976 to this issue.

Ludwig Nussel also discovered an infinite-loop denial of
service bug in the way gdk-pixbuf processes XPM images. An
attacker could create a carefully crafted XPM file in such a
way that it could cause an application linked with
gdk-pixbuf to stop responding when the file was opened by a
victim. The Common Vulnerabilities and Exposures project has
assigned the name CVE-2005-2975 to this issue.

Users of gdk-pixbuf are advised to upgrade to these updated
packages, which contain backported patches and are not
vulnerable to these issues.
---------------------------------------------------------------------
* Mon Oct 31 2005 Matthias Clasen <mclasen@redhat.com> -
 1:0.22.0-18.fc4.2
- Prevent another integer overflow in the xpm loader (#171901, CVE-2005-2976)
- Prevent an infinite loop in the xpm loader (#171901, CVE-2005-2976)

* Wed Oct 19 2005 Matthias Clasen <mclasen@redhat.com> -
 1:0.22.0-18.fc4.1
- Prevent an integer overflow in the xpm loader (#171073, CVE-2005-3186)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

7c780b05008f3e1999bf8abbb0bb7b7a  SRPMS/gdk-pixbuf-0.22.0-18.fc4.2.src.rpm
599efb60ec868f5242a4ca353c0b1ef6  ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc.rpm
1f18e28bf51ab6e7fb6bd064d91cbd17  ppc/gdk-pixbuf-devel-0.22.0-18.fc4.2.ppc.rpm
1905bece6ab5f5b4c49de5ff2a39e201  ppc/gdk-pixbuf-gnome-0.22.0-18.fc4.2.ppc.rpm
eefdf10dfdd1cd5ba10f81136e0c6662 
 ppc/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.ppc.rpm
4e478e20404e7167b5b6f30efcd80ed9  ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc64.rpm
7f2a934348fba04f2a8e9a210701406f  x86_64/gdk-pixbuf-0.22.0-18.fc4.2.x86_64.rpm
861b6a186287685c4383e91f1353b77a 
 x86_64/gdk-pixbuf-devel-0.22.0-18.fc4.2.x86_64.rpm
0e760f0a8385a1919962b9f684dabf1c 
 x86_64/gdk-pixbuf-gnome-0.22.0-18.fc4.2.x86_64.rpm
9ef3e8849f5706bc6dc71559af1b056d 
 x86_64/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.x86_64.rpm
212ce3ac8b0fe3f767048a2186cb3766  x86_64/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
212ce3ac8b0fe3f767048a2186cb3766  i386/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
7e0136afe88fd82d236a2e04ab76bc9a 
 i386/gdk-pixbuf-devel-0.22.0-18.fc4.2.i386.rpm
8128ef8c06fcf1dfb952c84912cab910 
 i386/gdk-pixbuf-gnome-0.22.0-18.fc4.2.i386.rpm
1fa0933b6e9c7d21fca40b96a162a623 
 i386/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list
Pro-Linux
Gewinnspiel
Neue Nachrichten

5
openAttic 1.0 ver­öf­fent­licht

5
LinuxTag: Uni­v­en­ti­on-Ab­sol­ven­ten­preis 2013 verliehen

1
LinuxTag 2013 eröffnet

0
Siduction 2013.1 frei­ge­ge­ben

26
Skype 4.2 für Linux ver­öf­fent­licht

5
Opera 14 für Android mit Web­kit-En­gi­ne

3
ktap: Ker­nel-Tra­ce für ein­ge­bet­te­tes Linux

2
Chrome 27 mit kleinem Ge­schwin­dig­keits­zu­wachs und neuer API für Google Drive

14
Paragon stellt ExtFS für Windows vor

8
Qemu 1.5 er­schie­nen
 
Werbung