lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1Ghduy-0007PH-97@mercury.mandriva.com>
Date: Tue,  7 Nov 2006 20:16:00 -0700
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2006:198-1 ] - Updated imlib2 packages fix several vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                       MDKSA-2006:198-1
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : imlib2
 Date    : November 6, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 M Joonas Pihlaja discovered several vulnerabilities in the Imlib2
 graphics library.

 The load() function of several of the Imlib2 image loaders does not
 check the width and height of an image before allocating memory. As a
 result, a carefully crafted image file can trigger a segfault when an
 application using Imlib2 attempts to view the image. (CVE-2006-4806)

 The tga loader fails to bounds check input data to make sure the input
 data doesn't load outside the memory mapped region. (CVE-2006-4807)

 The RLE decoding loops of the load() function in the tga loader does
 not check that the count byte of an RLE packet doesn't cause a heap
 overflow of the pixel buffer. (CVE-2006-4808)

 The load() function of the pnm loader writes arbitrary length user data
 into a fixed size stack allocated buffer buf[] without bounds checking.
 (CVE-2006-4809)  Updated packages have been patched to correct these
 issues.

 Update:

 An error in the preivous patchset may affect JPEG image handling for
 certain valid images. This new update corrects this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 4cd544b96a2bcaed32012a3636628b32  2006.0/i586/imlib2-data-1.2.1-1.3.20060mdk.i586.rpm
 da17344a1e28fdfd4be087e9ec092a0c  2006.0/i586/libimlib2_1-1.2.1-1.3.20060mdk.i586.rpm
 f15225db7b1b03b814d263a42a304aad  2006.0/i586/libimlib2_1-devel-1.2.1-1.3.20060mdk.i586.rpm
 fa7f076f50636badeee3bfb7965675ab  2006.0/i586/libimlib2_1-filters-1.2.1-1.3.20060mdk.i586.rpm
 c0d54a209a44785ae720c5a4426dbd64  2006.0/i586/libimlib2_1-loaders-1.2.1-1.3.20060mdk.i586.rpm 
 6ebb0fd9da5156686618d43f2188c8ef  2006.0/SRPMS/imlib2-1.2.1-1.3.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 1be1988c5aea7a22770c5d39675a321b  2006.0/x86_64/imlib2-data-1.2.1-1.3.20060mdk.x86_64.rpm
 fb2293ecdf47bda1e4d1ce67c9539442  2006.0/x86_64/lib64imlib2_1-1.2.1-1.3.20060mdk.x86_64.rpm
 4d8beff4cb21b5e6003c46774ce04cd3  2006.0/x86_64/lib64imlib2_1-devel-1.2.1-1.3.20060mdk.x86_64.rpm
 95ec706c26a480effa71ee7458f0523a  2006.0/x86_64/lib64imlib2_1-filters-1.2.1-1.3.20060mdk.x86_64.rpm
 4f412783aef1934e0e8f7b2523b67b19  2006.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.3.20060mdk.x86_64.rpm 
 6ebb0fd9da5156686618d43f2188c8ef  2006.0/SRPMS/imlib2-1.2.1-1.3.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 e5e136bb1d119892a4a2a4c87e9b3903  2007.0/i586/imlib2-data-1.2.2-3.2mdv2007.0.i586.rpm
 f0c1a6296bc04c896a37a432b9d2ee31  2007.0/i586/libimlib2_1-1.2.2-3.2mdv2007.0.i586.rpm
 edb6a88f3e8a9a268ebc2395919f2b78  2007.0/i586/libimlib2_1-devel-1.2.2-3.2mdv2007.0.i586.rpm
 676be1d6f7d78da826dea6be8535c11e  2007.0/i586/libimlib2_1-filters-1.2.2-3.2mdv2007.0.i586.rpm
 0a9bb4cd967f3286c90c65bd20c35e8a  2007.0/i586/libimlib2_1-loaders-1.2.2-3.2mdv2007.0.i586.rpm 
 ce6b02c1d58cc7a6c7be69c0a84fba82  2007.0/SRPMS/imlib2-1.2.2-3.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 26e871cf8a946029fdc8a87d8d8fc16d  2007.0/x86_64/imlib2-data-1.2.2-3.2mdv2007.0.x86_64.rpm
 6bde1a406b60edb87c1b57adbd04b36e  2007.0/x86_64/lib64imlib2_1-1.2.2-3.2mdv2007.0.x86_64.rpm
 c032f45d676b806b57d7b7496b7ba41c  2007.0/x86_64/lib64imlib2_1-devel-1.2.2-3.2mdv2007.0.x86_64.rpm
 e485af5e82b804ffec13ef705a02c2e8  2007.0/x86_64/lib64imlib2_1-filters-1.2.2-3.2mdv2007.0.x86_64.rpm
 4a143c2997b57f00a27bc6c7ecce1e06  2007.0/x86_64/lib64imlib2_1-loaders-1.2.2-3.2mdv2007.0.x86_64.rpm 
 ce6b02c1d58cc7a6c7be69c0a84fba82  2007.0/SRPMS/imlib2-1.2.2-3.2mdv2007.0.src.rpm

 Corporate 3.0:
 ef3cd741c034592c271bfffa31b5fd89  corporate/3.0/i586/libimlib2_1-1.0.6-4.4.C30mdk.i586.rpm
 c808de39609104891a3302b587b2898f  corporate/3.0/i586/libimlib2_1-devel-1.0.6-4.4.C30mdk.i586.rpm
 2cc5b0560275b6917d90fe8f014b466d  corporate/3.0/i586/libimlib2_1-filters-1.0.6-4.4.C30mdk.i586.rpm
 01b3b38db8e92c34167c2fa6ffe647bc  corporate/3.0/i586/libimlib2_1-loaders-1.0.6-4.4.C30mdk.i586.rpm 
 a14e20f0fae8209d5d82d1fb3e28a82d  corporate/3.0/SRPMS/imlib2-1.0.6-4.4.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 a3a3ddac9e0364367134c2981007c96b  corporate/3.0/x86_64/lib64imlib2_1-1.0.6-4.4.C30mdk.x86_64.rpm
 511b57c0bfd6e4e8fcfd1a4f64ce28d4  corporate/3.0/x86_64/lib64imlib2_1-devel-1.0.6-4.4.C30mdk.x86_64.rpm
 1393decfcd932de1e65123d5e76395fb  corporate/3.0/x86_64/lib64imlib2_1-filters-1.0.6-4.4.C30mdk.x86_64.rpm
 b9e803f9ad9c34c1d25e48c9bbf06120  corporate/3.0/x86_64/lib64imlib2_1-loaders-1.0.6-4.4.C30mdk.x86_64.rpm 
 a14e20f0fae8209d5d82d1fb3e28a82d  corporate/3.0/SRPMS/imlib2-1.0.6-4.4.C30mdk.src.rpm

 Corporate 4.0:
 855099dbe15e10e0a9717921a1627976  corporate/4.0/i586/imlib2-data-1.2.1-1.3.20060mlcs4.i586.rpm
 e53b851d8cd7d68193f566c30e71c329  corporate/4.0/i586/libimlib2_1-1.2.1-1.3.20060mlcs4.i586.rpm
 f04d6e820a44f73d97982ff0c191dd74  corporate/4.0/i586/libimlib2_1-devel-1.2.1-1.3.20060mlcs4.i586.rpm
 b978c2cad3d02cd65bdc564992071557  corporate/4.0/i586/libimlib2_1-filters-1.2.1-1.3.20060mlcs4.i586.rpm
 b1eb762b86e4fad4290da6d5ee4573aa  corporate/4.0/i586/libimlib2_1-loaders-1.2.1-1.3.20060mlcs4.i586.rpm 
 7703412328a1508cec0a61661f373c1b  corporate/4.0/SRPMS/imlib2-1.2.1-1.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 ccec9056b57574dd17bb56b4b1423567  corporate/4.0/x86_64/imlib2-data-1.2.1-1.3.20060mlcs4.x86_64.rpm
 884dad892370cdbd3e693cbb0ee6cb2d  corporate/4.0/x86_64/lib64imlib2_1-1.2.1-1.3.20060mlcs4.x86_64.rpm
 6832b40e2e31f6244caff8818ee3d91c  corporate/4.0/x86_64/lib64imlib2_1-devel-1.2.1-1.3.20060mlcs4.x86_64.rpm
 1bce9e9f26e43af8625e83cb15792747  corporate/4.0/x86_64/lib64imlib2_1-filters-1.2.1-1.3.20060mlcs4.x86_64.rpm
 57bf86f98c4595cd269723559de2bb9e  corporate/4.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.3.20060mlcs4.x86_64.rpm 
 7703412328a1508cec0a61661f373c1b  corporate/4.0/SRPMS/imlib2-1.2.1-1.3.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFUR6bmqjQ0CJFipgRAtp7AKDF4s3BY9qiPof2ePjFMwheJFCdsgCghARe
V0zoNe+7aaMEQfcN0WFLJ8g=
=1wJ4
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ