Login
Newsletter
Werbung

Sicherheit: Denial of Service in gdk-pixbuf
Aktuelle Meldungen Distributionen
Name: Denial of Service in gdk-pixbuf
ID: RHSA-2005:343-01
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux
Datum: Di, 5. April 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0891
Applikationen: Gtk+

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: gdk-pixbuf security update
Advisory ID: RHSA-2005:343-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-343.html
Issue date: 2005-04-05
Updated on: 2005-04-05
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0891
---------------------------------------------------------------------

1. Summary:

Updated gdk-pixbuf packages that fix a double free vulnerability are now
available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes BMP images. It is possible
that a specially crafted BMP image could cause a denial of service attack
on applications linked against gdk-pixbuf. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to
this issue.

Users of gdk-pixbuf are advised to upgrade to these packages, which contain
a backported patch and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

152315 - CAN-2005-0891 gdk-pixbuf BMP double free DoS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

ia64:
f6c266be7bb786fcaa6a7025719bd74f gdk-pixbuf-0.22.0-12.el2.ia64.rpm
6d344d3c48fac3320b5c7b4c34a28018 gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
f6cfeb5bcf4e5da379fc8dd31811224d gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

ia64:
f6c266be7bb786fcaa6a7025719bd74f gdk-pixbuf-0.22.0-12.el2.ia64.rpm
6d344d3c48fac3320b5c7b4c34a28018 gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
f6cfeb5bcf4e5da379fc8dd31811224d gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

ppc:
dcde354069b804f3b32855b53915e2f0 gdk-pixbuf-0.22.0-12.el3.ppc.rpm
0cdbb62e276af7694d007568070c87ff gdk-pixbuf-0.22.0-12.el3.ppc64.rpm
f1a2be2fee1859d6f70d5747b8823706 gdk-pixbuf-devel-0.22.0-12.el3.ppc.rpm
d1e0b31da885fd13c984f03b1a6cf92f gdk-pixbuf-gnome-0.22.0-12.el3.ppc.rpm

s390:
22877fb2b5a75cdcdf523ab4585fd2c7 gdk-pixbuf-0.22.0-12.el3.s390.rpm
a4acd9d3eb0eb28836fcc360e76f1122 gdk-pixbuf-devel-0.22.0-12.el3.s390.rpm
6b2ed0bcdb22c2253988e8b99926a533 gdk-pixbuf-gnome-0.22.0-12.el3.s390.rpm

s390x:
17a78e9783fb3d9fb966c90d15052889 gdk-pixbuf-0.22.0-12.el3.s390x.rpm
22877fb2b5a75cdcdf523ab4585fd2c7 gdk-pixbuf-0.22.0-12.el3.s390.rpm
d720e8670862c620fa40860ae9ff58cc gdk-pixbuf-devel-0.22.0-12.el3.s390x.rpm
edb7f22d7e8a37e7659d21a1f1b1357a gdk-pixbuf-gnome-0.22.0-12.el3.s390x.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

ppc:
67814460f4036204f6a6061239d8748f gdk-pixbuf-0.22.0-16.el4.ppc.rpm
3c01305b14fa397a13b6e3faea132bd0 gdk-pixbuf-0.22.0-16.el4.ppc64.rpm
1e85a9e6c3c78def4fdaaa07f5b4fe3c gdk-pixbuf-devel-0.22.0-16.el4.ppc.rpm

s390:
1864bf760c9f2dcbe7983df29099a225 gdk-pixbuf-0.22.0-16.el4.s390.rpm
ed820e2cb04141a57ac381bca8d6332a gdk-pixbuf-devel-0.22.0-16.el4.s390.rpm

s390x:
a3f558d6b7370c864a6771412d1a2513 gdk-pixbuf-0.22.0-16.el4.s390x.rpm
1864bf760c9f2dcbe7983df29099a225 gdk-pixbuf-0.22.0-16.el4.s390.rpm
3c11f5939e9ac8d2e6eb5e6177b733d8 gdk-pixbuf-devel-0.22.0-16.el4.s390x.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0891

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCUq1qXlSAg2UNWIIRApawAJ9aFHteb4s0s6rNQOIyPr2GGG6gPwCfUa8H
8Z7usb1gquvJu/DCWdqAKww=
=Dlo2
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung