Sicherheit: Denial of Service in gdk-pixbuf

Lesezeichen hinzufügen

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: gdk-pixbuf
Advisory ID: MDKSA-2005:069
Date: April 7th, 2005

Affected versions: 10.0, 10.1, Corporate 3.0
______________________________________________________________________

Problem Description:

A bug was discovered in the way that gdk-pixbuf processes BMP images
which could allow for a specially crafted BMP to cause a Denial of
Service attack on applications linked against gdk-pixbuf.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
f430b445e8a76a05376b65d8bcf085b9
10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.i586.rpm
0e87d2d409375ccb4d900dd4f360efa1
10.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.i586.rpm
5332504ce51f46a200869595c1a0e859
10.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.100mdk.i586.rpm
6d8075217b6d323a5ade36f02d110015
10.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.100mdk.i586.rpm
fc8ea48179e55758f2432d9360f50627
10.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.100mdk.i586.rpm
bc8962a581d9df3bfcd6449c98651e6c
10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
fbd1ddbf1d5a20166a0f5197107c2018
amd64/10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.amd64.rpm
19ea3305f0672cfef258b8d9070ebcb2
amd64/10.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.amd64.rpm
cd48bd19cc3dcf7efc044e3f8d6714bf
amd64/10.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.100mdk.amd64.rpm
4a39a2ccfe011df57c87902a255e2665
amd64/10.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.100mdk.amd64.rpm
7cda46391c609bc960ae64b80e89015b
amd64/10.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.100mdk.amd64.rpm
bc8962a581d9df3bfcd6449c98651e6c
amd64/10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

Mandrakelinux 10.1:
0fbccd1cdae7c75775faf437cdf47dd6
10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.i586.rpm
dd160afc8f5a9b5e90b3ee9953eb79aa
10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
4144e66108cf882dd3f4f1bf4bce2ff2
10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
8bbed60b2e8298474f40d29d90858dc5
10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
0c3a28830681cb6409b8e43e3acc5bab
10.1/RPMS/libgdk-pixbuf2-devel-0.22.0-5.1.101mdk.i586.rpm
d106ccd550bf9d9e32ee279eed8a5eba
10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
7590453088477646d32207678c74aebb
x86_64/10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.x86_64.rpm
dd160afc8f5a9b5e90b3ee9953eb79aa
x86_64/10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
4144e66108cf882dd3f4f1bf4bce2ff2
x86_64/10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
8bbed60b2e8298474f40d29d90858dc5
x86_64/10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
2249305133157e4df30e4dccd15953c8
x86_64/10.1/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.x86_64.rpm
db79c2089feb5dec9bce76e3475b08a7
x86_64/10.1/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-5.1.101mdk.x86_64.rpm
f84a8a50bc36072dbb157a1097f0d949
x86_64/10.1/RPMS/lib64gdk-pixbuf2-0.22.0-5.1.101mdk.x86_64.rpm
3259e21f008ae6f7895e0c22196bfb76
x86_64/10.1/RPMS/lib64gdk-pixbuf2-devel-0.22.0-5.1.101mdk.x86_64.rpm
d106ccd550bf9d9e32ee279eed8a5eba
x86_64/10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

Corporate 3.0:
451bbbd4bd336dee287fba9b29f635e4
corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.i586.rpm
acb446883025bdf03429fecd7123f867
corporate/3.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.i586.rpm
5c9ef2fcd3a3d290898478832583c98f
corporate/3.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.i586.rpm
f111de3c371cbb9b7f9d93cdee94250f
corporate/3.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.C30mdk.i586.rpm
1a17bf4e8148d703b543d7cc6548aae4
corporate/3.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.C30mdk.i586.rpm
39a9fe79245f9bc8ea83e24ae1d34041
corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
e97d3b46e21b4de9d31af7bdd9cf7e73
x86_64/corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.x86_64.rpm
b0a897d394be8925adacb37d705b6f37
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.x86_64.rpm
103253c83fa7b9c79f121157615c3c08
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.x86_64.rpm
6b0d14a317df8bb09866dc287ff06692
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.C30mdk.x86_64.rpm
90004b32575925d0721668317b40a8c7
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.C30mdk.x86_64.rpm
39a9fe79245f9bc8ea83e24ae1d34041
x86_64/corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCVbhzmqjQ0CJFipgRAsqdAKCrmknhRmBqVGEKHNdDt0geJBhuxgCfVEjW
L94SvoG/PVU6ZaDJzRF+C6Y=
=ZNyw
-----END PGP SIGNATURE-----

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________