lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1DJfmN-0000O1-KU@updates.mandrakesoft.com>
Date: Thu, 07 Apr 2005 16:47:15 -0600
From: Mandrakelinux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           gdk-pixbuf
 Advisory ID:            MDKSA-2005:069
 Date:                   April 7th, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A bug was discovered in the way that gdk-pixbuf processes BMP images
 which could allow for a specially crafted BMP to cause a Denial of
 Service attack on applications linked against gdk-pixbuf.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 f430b445e8a76a05376b65d8bcf085b9  10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.i586.rpm
 0e87d2d409375ccb4d900dd4f360efa1  10.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.i586.rpm
 5332504ce51f46a200869595c1a0e859  10.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.100mdk.i586.rpm
 6d8075217b6d323a5ade36f02d110015  10.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.100mdk.i586.rpm
 fc8ea48179e55758f2432d9360f50627  10.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.100mdk.i586.rpm
 bc8962a581d9df3bfcd6449c98651e6c  10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 fbd1ddbf1d5a20166a0f5197107c2018  amd64/10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.amd64.rpm
 19ea3305f0672cfef258b8d9070ebcb2  amd64/10.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.amd64.rpm
 cd48bd19cc3dcf7efc044e3f8d6714bf  amd64/10.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.100mdk.amd64.rpm
 4a39a2ccfe011df57c87902a255e2665  amd64/10.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.100mdk.amd64.rpm
 7cda46391c609bc960ae64b80e89015b  amd64/10.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.100mdk.amd64.rpm
 bc8962a581d9df3bfcd6449c98651e6c  amd64/10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

 Mandrakelinux 10.1:
 0fbccd1cdae7c75775faf437cdf47dd6  10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.i586.rpm
 dd160afc8f5a9b5e90b3ee9953eb79aa  10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
 4144e66108cf882dd3f4f1bf4bce2ff2  10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
 8bbed60b2e8298474f40d29d90858dc5  10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
 0c3a28830681cb6409b8e43e3acc5bab  10.1/RPMS/libgdk-pixbuf2-devel-0.22.0-5.1.101mdk.i586.rpm
 d106ccd550bf9d9e32ee279eed8a5eba  10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7590453088477646d32207678c74aebb  x86_64/10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.x86_64.rpm
 dd160afc8f5a9b5e90b3ee9953eb79aa  x86_64/10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
 4144e66108cf882dd3f4f1bf4bce2ff2  x86_64/10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
 8bbed60b2e8298474f40d29d90858dc5  x86_64/10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
 2249305133157e4df30e4dccd15953c8  x86_64/10.1/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.x86_64.rpm
 db79c2089feb5dec9bce76e3475b08a7  x86_64/10.1/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-5.1.101mdk.x86_64.rpm
 f84a8a50bc36072dbb157a1097f0d949  x86_64/10.1/RPMS/lib64gdk-pixbuf2-0.22.0-5.1.101mdk.x86_64.rpm
 3259e21f008ae6f7895e0c22196bfb76  x86_64/10.1/RPMS/lib64gdk-pixbuf2-devel-0.22.0-5.1.101mdk.x86_64.rpm
 d106ccd550bf9d9e32ee279eed8a5eba  x86_64/10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

 Corporate 3.0:
 451bbbd4bd336dee287fba9b29f635e4  corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.i586.rpm
 acb446883025bdf03429fecd7123f867  corporate/3.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.i586.rpm
 5c9ef2fcd3a3d290898478832583c98f  corporate/3.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.i586.rpm
 f111de3c371cbb9b7f9d93cdee94250f  corporate/3.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.C30mdk.i586.rpm
 1a17bf4e8148d703b543d7cc6548aae4  corporate/3.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.C30mdk.i586.rpm
 39a9fe79245f9bc8ea83e24ae1d34041  corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e97d3b46e21b4de9d31af7bdd9cf7e73  x86_64/corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.x86_64.rpm
 b0a897d394be8925adacb37d705b6f37  x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.x86_64.rpm
 103253c83fa7b9c79f121157615c3c08  x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.x86_64.rpm
 6b0d14a317df8bb09866dc287ff06692  x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.C30mdk.x86_64.rpm
 90004b32575925d0721668317b40a8c7  x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.C30mdk.x86_64.rpm
 39a9fe79245f9bc8ea83e24ae1d34041  x86_64/corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCVbhzmqjQ0CJFipgRAsqdAKCrmknhRmBqVGEKHNdDt0geJBhuxgCfVEjW
L94SvoG/PVU6ZaDJzRF+C6Y=
=ZNyw
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ