Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in libpng (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in libpng (Aktualisierung)
ID: DSA-140-2
Distribution: Debian
Plattformen: Debian woody
Datum: Di, 6. August 2002, 13:00
Referenzen: Keine Angabe
Applikationen: libpng
Update von: Pufferüberlauf in libpng

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



--------------------------------------------------------------------------

Debian Security Advisory DSA 140-2                     security@debian.org

http://www.debian.org/security/                             Martin Schulze

August 5th, 2002   

--------------------------------------------------------------------------



Package        : libpng, libpng3

Vulnerability  : Buffer overflow

Problem-Type   : remote

Debian-specific: no



In addition to the advisory DSA 140-1 the packages below fix another

potential buffer overflow.  The PNG libraries implement a safety

margin which is also included in a newer upstream release.  Thanks to

Glenn Randers-Pehrson for informing us.



This problem has been fixed in version 1.0.12-3.woody.2 of libpng and

version 1.2.1-1.1.woody.2 of libpng3 for the current stable

distribution (woody).



We recommend that you upgrade your libpng packages.



wget url

	will fetch the file for you

dpkg -i file.deb

        will install the referenced file.



If you are using the apt-get package manager, use the line for

sources.list as given below:



apt-get update

        will update the internal database

apt-get upgrade

        will install corrected packages



You may use an automated update by adding the resources from the

footer to the proper configuration.





Debian GNU/Linux 3.0 alias woody

--------------------------------



  Source archives:



    libpng_1.0.12-3.woody.2.dsc
      Size/MD5 checksum:      579 6fa91023a699b539f8406572acabcd45

    libpng_1.0.12-3.woody.2.diff.gz
      Size/MD5 checksum:     7914 5e876cff104633b6ded3930b3c16aaa6

    libpng_1.0.12.orig.tar.gz
      Size/MD5 checksum:   481387 3329b745968e41f6f9e55a4d04a4964c

    libpng3_1.2.1-1.1.woody.2.dsc
      Size/MD5 checksum:      582 1ad71907a2745b4a4c66ba57399b7f12

    libpng3_1.2.1-1.1.woody.2.diff.gz
      Size/MD5 checksum:     8303 e72f6a3a38b4cace1971ca1c0b5bc20a

    libpng3_1.2.1.orig.tar.gz
      Size/MD5 checksum:   493105 75a21cbfae566158a0ac6d9f39087c4d



  Alpha architecture:



    libpng-dev_1.2.1-1.1.woody.2_alpha.deb
      Size/MD5 checksum:   276344 6ef427edc12b2b6f1c1cb9f70e9922f8

    libpng2_1.0.12-3.woody.2_alpha.deb
      Size/MD5 checksum:   129748 c9c8197d16b91ad721d92c53de44d640

    libpng2-dev_1.0.12-3.woody.2_alpha.deb
      Size/MD5 checksum:   270238 4c6cf35a90dbbe8f7d781a6f0d7d5583

    libpng3_1.2.1-1.1.woody.2_alpha.deb
      Size/MD5 checksum:   133154 220f5cd5020a19ed67b40208d5ece6c8



  ARM architecture:



    libpng-dev_1.2.1-1.1.woody.2_arm.deb
      Size/MD5 checksum:   247430 69afbfe0aeb0e3c08a334a84b3e8cb77

    libpng2_1.0.12-3.woody.2_arm.deb
      Size/MD5 checksum:   108224 e1707faafae8955ebeae6ef3cbf70c9a

    libpng2-dev_1.0.12-3.woody.2_arm.deb
      Size/MD5 checksum:   241200 98a7ce949f1c89161a002516042d9ebd

    libpng3_1.2.1-1.1.woody.2_arm.deb
      Size/MD5 checksum:   111508 791721c2c467b7c0b6fe666b9299a2d4



  Intel IA-32 architecture:



    libpng-dev_1.2.1-1.1.woody.2_i386.deb
      Size/MD5 checksum:   233094 f9889af54e78f47eebe1fa5a60ef33cb

    libpng2_1.0.12-3.woody.2_i386.deb
      Size/MD5 checksum:   106636 c9369f9eb9ae747365cdccf40acc3c2d

    libpng2-dev_1.0.12-3.woody.2_i386.deb
      Size/MD5 checksum:   227308 4c452324c7308dcd268128fbe4b6439f

    libpng3_1.2.1-1.1.woody.2_i386.deb
      Size/MD5 checksum:   109802 8694e5afdb6f0c0c9e13b9f24aac8f63



  Intel IA-64 architecture:



    libpng-dev_1.2.1-1.1.woody.2_ia64.deb
      Size/MD5 checksum:   278606 4e66108c22e624861a905bc5e5b55626

    libpng2_1.0.12-3.woody.2_ia64.deb
      Size/MD5 checksum:   146174 91852036ba0ebff0f3734b9333a07388

    libpng2-dev_1.0.12-3.woody.2_ia64.deb
      Size/MD5 checksum:   271448 ac0dcd865700840d0efd2c36df1a217a

    libpng3_1.2.1-1.1.woody.2_ia64.deb
      Size/MD5 checksum:   150852 f95379f323df7cd53c0fee8c8dfdde3d



  HP Precision architecture:



    libpng-dev_1.2.1-1.1.woody.2_hppa.deb
      Size/MD5 checksum:   269384 48798cfcd2fce8157bb25e34b3b3bfc3

    libpng2_1.0.12-3.woody.2_hppa.deb
      Size/MD5 checksum:   128266 85ff01a845db01cbdb5146c008f1a03d

    libpng2-dev_1.0.12-3.woody.2_hppa.deb
      Size/MD5 checksum:   262318 2dff123a3e2df906b66b02885048d412

    libpng3_1.2.1-1.1.woody.2_hppa.deb
      Size/MD5 checksum:   132326 d3a294616ae7e5c710686d058641c7a8



  Motorola 680x0 architecture:



    libpng-dev_1.2.1-1.1.woody.2_m68k.deb
      Size/MD5 checksum:   226070 2f6a7ba8598056d782f590ea436caf36

    libpng2_1.0.12-3.woody.2_m68k.deb
      Size/MD5 checksum:   103264 8f806c4dc79c2b3f83eff41dfe2c3ed8

    libpng2-dev_1.0.12-3.woody.2_m68k.deb
      Size/MD5 checksum:   220478 0a21d4692ce16aa98bfb1b1f9be699c8

    libpng3_1.2.1-1.1.woody.2_m68k.deb
      Size/MD5 checksum:   106256 c36180e064f5a8375e51b7c021b84338



  Big endian MIPS architecture:



    libpng-dev_1.2.1-1.1.woody.2_mips.deb
      Size/MD5 checksum:   246798 b026c3d8bbd5aebbd1c5165e38a40895

    libpng2_1.0.12-3.woody.2_mips.deb
      Size/MD5 checksum:   108336 de2f358f510ab45d26ec566a16a653ce

    libpng2-dev_1.0.12-3.woody.2_mips.deb
      Size/MD5 checksum:   240378 f6f86bb6a308189f6681b9d3c78207e4

    libpng3_1.2.1-1.1.woody.2_mips.deb
      Size/MD5 checksum:   111730 036b8290d2c590a52b40a4e4d297c97f



  Little endian MIPS architecture:



    libpng-dev_1.2.1-1.1.woody.2_mipsel.deb
      Size/MD5 checksum:   246750 bce709abe60767e9148ee8bd2f31bf79

    libpng2_1.0.12-3.woody.2_mipsel.deb
      Size/MD5 checksum:   108208 c858c8d26f79ed9fa86e0b4a273a0a62

    libpng2-dev_1.0.12-3.woody.2_mipsel.deb
      Size/MD5 checksum:   240266 f0e223ddf818ecb5cdaaed0d9b5be1d1

    libpng3_1.2.1-1.1.woody.2_mipsel.deb
      Size/MD5 checksum:   111642 fee8803a26ef4fc3eb5a84f3d7f34929



  PowerPC architecture:



    libpng-dev_1.2.1-1.1.woody.2_powerpc.deb
      Size/MD5 checksum:   240358 e45598add532892d4f9e78689746e5ba

    libpng2_1.0.12-3.woody.2_powerpc.deb
      Size/MD5 checksum:   109638 20caff5351a2c73b4c60351b962e7547

    libpng2-dev_1.0.12-3.woody.2_powerpc.deb
      Size/MD5 checksum:   234366 a4cf783b849f32d3e587b4f98ece26fd

    libpng3_1.2.1-1.1.woody.2_powerpc.deb
      Size/MD5 checksum:   112708 0d6696004fc745980d816921e3ec440b



  IBM S/390 architecture:



    libpng-dev_1.2.1-1.1.woody.2_s390.deb
      Size/MD5 checksum:   232366 8c7e8d41b3d14d2e08f97a1fc8914c9c

    libpng2_1.0.12-3.woody.2_s390.deb
      Size/MD5 checksum:   107324 43e46e6174fd4052b2ea103c6771ad4d

    libpng2-dev_1.0.12-3.woody.2_s390.deb
      Size/MD5 checksum:   226490 1a081fc6435c091bc824f898a848d2d7

    libpng3_1.2.1-1.1.woody.2_s390.deb
      Size/MD5 checksum:   110792 880a6b36459adddbf80ed9ec19f741fd



  Sun Sparc architecture:



    libpng-dev_1.2.1-1.1.woody.2_sparc.deb
      Size/MD5 checksum:   237660 f1efbe23919ea8d37e3ebe57597a7bbd

    libpng2_1.0.12-3.woody.2_sparc.deb
      Size/MD5 checksum:   109716 9db86c437af56a16f200977b68cb84b8

    libpng2-dev_1.0.12-3.woody.2_sparc.deb
      Size/MD5 checksum:   231820 ae29d63b9698612331035f894ef3755a

    libpng3_1.2.1-1.1.woody.2_sparc.deb
      Size/MD5 checksum:   113114 3cadf1a05fb83ce6476423243ac16806





  These files will probably be moved into the stable distribution on

  its next revision.



---------------------------------------------------------------------------------


For apt-get: deb http://security.debian.org/ stable/updates main

For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main

Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>



-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.0.7 (GNU/Linux)



iD8DBQE9TkS9W5ql+IAeqTIRArQ5AJ4vekZfvkoGZBnfa+VXtEVQdKKOWwCgjzXM

i7iQSw4G87r++sEK9CHKHgY=

=PkIu

-----END PGP SIGNATURE-----





-- 

To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org

with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung