Login
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in libpng
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in libpng
ID: MDVSA-2012:022
Distribution: Mandriva
Plattformen: Mandriva Enterprise Server 5.0, Mandriva 2010.1, Mandriva 2011
Datum: Mi, 22. Februar 2012, 14:31
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
Applikationen: libpng

Originalnachricht

This is a multi-part message in MIME format...

------------=_1329912188-4050-103

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:022
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libpng
Date : February 22, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in libpng:

Integer overflow in libpng allows remote attackers to cause a denial
of service or possibly have unspecified other impact via unknown
vectors that trigger an integer truncation (CVE-2011-3026).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
c4855b723b25b62a8e80f27db90c15a3
2010.1/i586/libpng3-1.2.43-1.3mdv2010.2.i586.rpm
0485c0180727805f96ae132a888827a3
2010.1/i586/libpng-devel-1.2.43-1.3mdv2010.2.i586.rpm
26f1bff42f385116d55b1685feda0a1e
2010.1/i586/libpng-source-1.2.43-1.3mdv2010.2.i586.rpm
f01bdae23b93da1536aed6c3131e8f85
2010.1/i586/libpng-static-devel-1.2.43-1.3mdv2010.2.i586.rpm
17738e1f426097875b5682cba8f16415
2010.1/SRPMS/libpng-1.2.43-1.3mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
0c8d9cd9c9e6f57ae72e442419a803df
2010.1/x86_64/lib64png3-1.2.43-1.3mdv2010.2.x86_64.rpm
eed384ae359919c39c1ca442d0c303ba
2010.1/x86_64/lib64png-devel-1.2.43-1.3mdv2010.2.x86_64.rpm
d10fafba157200fb9ddbade65ecc8d6d
2010.1/x86_64/lib64png-static-devel-1.2.43-1.3mdv2010.2.x86_64.rpm
40f7967c617dc26e3e9e9cf6963ebcd0
2010.1/x86_64/libpng-source-1.2.43-1.3mdv2010.2.x86_64.rpm
17738e1f426097875b5682cba8f16415
2010.1/SRPMS/libpng-1.2.43-1.3mdv2010.2.src.rpm

Mandriva Linux 2011:
bd9413334a6960530e994f48d515b5e2
2011/i586/libpng3-1.2.46-1.1-mdv2011.0.i586.rpm
08624bc6f3f185c91c20a5c11a37f7b5
2011/i586/libpng-devel-1.2.46-1.1-mdv2011.0.i586.rpm
367296b0f78af677e2b8ca3e97a10375
2011/i586/libpng-source-1.2.46-1.1-mdv2011.0.i586.rpm
ba795279eb1e7d3d1c7d6733ac1613f0
2011/i586/libpng-static-devel-1.2.46-1.1-mdv2011.0.i586.rpm
d9d76f9711fe8c91808550398c6fadb3 2011/SRPMS/libpng-1.2.46-1.1.src.rpm

Mandriva Linux 2011/X86_64:
48f1307f1927a8136765c2b1c93e5e84
2011/x86_64/lib64png3-1.2.46-1.1-mdv2011.0.x86_64.rpm
60da8adfff64b0b0c505eacc211b8c7c
2011/x86_64/lib64png-devel-1.2.46-1.1-mdv2011.0.x86_64.rpm
9cf527b249680266e28d7fad6cb9840f
2011/x86_64/lib64png-static-devel-1.2.46-1.1-mdv2011.0.x86_64.rpm
dc3b6304233dcd785178f26e6cae0916
2011/x86_64/libpng-source-1.2.46-1.1-mdv2011.0.x86_64.rpm
d9d76f9711fe8c91808550398c6fadb3 2011/SRPMS/libpng-1.2.46-1.1.src.rpm

Mandriva Enterprise Server 5:
bd2f9ef883d4c7c650092136604c93d6
mes5/i586/libpng3-1.2.31-2.5mdvmes5.2.i586.rpm
03a50f86d3bec91252f194851ce97d37
mes5/i586/libpng-devel-1.2.31-2.5mdvmes5.2.i586.rpm
f7dab6addec1e0961fd09ac145923b4d
mes5/i586/libpng-source-1.2.31-2.5mdvmes5.2.i586.rpm
170753445a4511900ea260a65a27fc21
mes5/i586/libpng-static-devel-1.2.31-2.5mdvmes5.2.i586.rpm
fe12ec7437628c735fb4e52a814d79b7
mes5/SRPMS/libpng-1.2.31-2.5mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
5c696961a091bcf67bc6715c96a14459
mes5/x86_64/lib64png3-1.2.31-2.5mdvmes5.2.x86_64.rpm
88eea8de1c1e4e43498dbffabfedf96a
mes5/x86_64/lib64png-devel-1.2.31-2.5mdvmes5.2.x86_64.rpm
011fcf8505018f3aa3cd4a08289b80ff
mes5/x86_64/lib64png-static-devel-1.2.31-2.5mdvmes5.2.x86_64.rpm
1ba894529af1775bf39e41f1b7726dc4
mes5/x86_64/libpng-source-1.2.31-2.5mdvmes5.2.x86_64.rpm
fe12ec7437628c735fb4e52a814d79b7
mes5/SRPMS/libpng-1.2.31-2.5mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPRKrLmqjQ0CJFipgRAjR7AJ9wJxfAe+llXmAUovEuWa1V5HBzAgCglUPx
T7bG+jPIIPB8BIm1u7kA12Y=
=Qz5/
-----END PGP SIGNATURE-----


------------=_1329912188-4050-103
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1329912188-4050-103--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung