Message-ID: <20070704224840.GC29861@outflux.net>
Date: Wed, 4 Jul 2007 15:48:40 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-480-1] Gimp vulnerability
===========================================================
Ubuntu Security Notice USN-480-1              July 04, 2007
gimp vulnerability
CVE-2007-2949
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gimp                                     2.2.11-1ubuntu3.3

Ubuntu 6.10:
  gimp                                     2.2.13-1ubuntu3.2

Ubuntu 7.04:
  gimp                                     2.2.13-1ubuntu4.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Stefan Cornelius discovered that Gimp could miscalculate the size of heap
buffers when processing PSD images. By tricking a user into opening a
specially crafted PSD file with Gimp, an attacker could exploit this to
execute arbitrary code with the user's privileges.