[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1DJfgd-0000EE-C1@updates.mandrakesoft.com>
Date: Thu, 07 Apr 2005 16:41:19 -0600
From: Mandrakelinux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: gtk+2.0
Advisory ID: MDKSA-2005:068
Date: April 7th, 2005
Affected versions: 10.0, 10.1, Corporate 3.0
______________________________________________________________________
Problem Description:
A bug was discovered in the way that gtk+2.0 processes BMP images
which could allow for a specially crafted BMP to cause a Denial of
Service attack on applications linked against gtk+2.0.
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
6ded91220f9da5195a7eb8bd29744ce5 10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.i586.rpm
defbd824fdbceafb811c4a26804eea2d 10.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.2.100mdk.i586.rpm
fa164ed6e67c60abd8f9624715b06cef 10.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
0a90ddf71f6e8bd8b70503a4bbe41f00 10.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.i586.rpm
5f9257920729f34f1657406ab69dd3fe 10.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
ff6e8a3eb98537c53607275896788a6b 10.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.2.100mdk.i586.rpm
dcb5de61416c85a2680bfe331e12faf4 10.0/RPMS/libgtk+2.0_0-2.2.4-10.2.100mdk.i586.rpm
b5e1886ca33a99b7ea26ba65a634a171 10.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
8a7e5e9f6620200330f7800d65e02468 10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
3442a95e11299776193b69b6bc86513a amd64/10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.amd64.rpm
879dfefb728b1f04c5f5e0c049cb173b amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.2.100mdk.amd64.rpm
c4ac90a0f8d987a825fb1f6732e14c57 amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
554b74e447cda888be6ae8cb7e916761 amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
c17c2e94111421bfd631adf517fc5b57 amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
fd493ea1d4da40eedf305e2d558d41e6 amd64/10.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
292e229535ee420bc8bbf7488225611a amd64/10.0/RPMS/lib64gtk+2.0_0-2.2.4-10.2.100mdk.amd64.rpm
827a421ac971df39a90f47467195eb75 amd64/10.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
8a7e5e9f6620200330f7800d65e02468 amd64/10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm
Mandrakelinux 10.1:
63bdf92cde28cd4596862acb8303db89 10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.i586.rpm
d0b44ebf0f5a32495164e3b95f836a1e 10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
b61a83a21d2af5f893d010687e4ba31c 10.1/RPMS/libgdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
79e3363764cd1e005c92217b1601410d 10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
db1d643a7c5e8c2ea9caf3a09b08ffd1 10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
825f54c99f3e0790fa563318eb0ad4f4 10.1/RPMS/libgtk+2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
73738f0963942b9266e0cb3ec2e7812b 10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
58f3b14ddf3174f282a7fcedd2291cb2 x86_64/10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.x86_64.rpm
d0b44ebf0f5a32495164e3b95f836a1e x86_64/10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
79e3363764cd1e005c92217b1601410d x86_64/10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
db1d643a7c5e8c2ea9caf3a09b08ffd1 x86_64/10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
0a8969769eb5197c102f9c4e26de3c9d x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
8587febd8da71ae4ac0523f1bf3799ba x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
81a6326dd657d99ee7dd7c0677fc8ff2 x86_64/10.1/RPMS/lib64gtk+-x11-2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
777f9c5fc9d83748825e0e9af165c3e3 x86_64/10.1/RPMS/lib64gtk+2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
72273e60a9ff32f874239d90d5cdfd24 x86_64/10.1/RPMS/lib64gtk+2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
73738f0963942b9266e0cb3ec2e7812b x86_64/10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm
Corporate 3.0:
87c55c922e3fe5dce66fd619d6d94034 corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.i586.rpm
5bdfa2ded3da000da4d39c7bdb5a2edb corporate/3.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.i586.rpm
e6e00410204aff942b57b4b42ce3708a corporate/3.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
7b714ac098a96754362d0e6e6b06d22a corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
4f13d0dd61a046297f8ced1e78496549 corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
5009d264352ec2f4710d4e2d198f5178 corporate/3.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
70cc0d5faecb6ade7db357bd98ae2f2c corporate/3.0/RPMS/libgtk+2.0_0-2.2.4-10.3.C30mdk.i586.rpm
fe6a4d000fb5af708fec694109e56339 corporate/3.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
cb2b245a60da7db473b9d6f95596a8e8 corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm
Corporate 3.0/X86_64:
62ba5850d9ce991c37b00d4f4c2423fc x86_64/corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.x86_64.rpm
c3752c95681dba01c2862559099ae28c x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
c60a80e68525611932a2be6c5a224471 x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
493ef92d6e50f9399303015c73d74bdd x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
0b60bc13179cb5563580bcfe78754065 x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
93ca4819c1be2754e0b45fafebe12133 x86_64/corporate/3.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
313c17b002cde662476654bca69a887b x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
730e178acc1c61b370490b7aaf71bb5f x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
cb2b245a60da7db473b9d6f95596a8e8 x86_64/corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCVbcPmqjQ0CJFipgRAgiaAKCLaa9bsCxjetQNQ46K4d3AcLe+kwCdFCuo
zTSJivJXoAzKnQyRC9GJtYU=
=DEei
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists