| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Jun 2008 13:09:00 -0600 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDVSA-2008:123 ] - Updated imlib2 packages fix vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:123 http://www.mandriva.com/security/ _______________________________________________________________________ Package : imlib2 Date : June 25, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Stefan Cornelius discovered two buffer overflows in Imlib's image loaders for PNM and XPM images, which could possibly result in the execution of arbitrary code (CVE-2008-2426). The updated packages have been patched to prevent this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: 1ecafd85391001ebb4d30209552309ba 2007.1/i586/imlib2-data-1.2.2-3.2mdv2007.1.i586.rpm 3737a0a9fd33471a724f6f8902dd9726 2007.1/i586/libimlib2_1-1.2.2-3.2mdv2007.1.i586.rpm bdca73870489834a7237723734c2cfe9 2007.1/i586/libimlib2_1-devel-1.2.2-3.2mdv2007.1.i586.rpm 09a10fa2bfac9b0a4bc544e4b4a5c2c0 2007.1/i586/libimlib2_1-filters-1.2.2-3.2mdv2007.1.i586.rpm cf47069a5a66673ab43d96ca45fe00a7 2007.1/i586/libimlib2_1-loaders-1.2.2-3.2mdv2007.1.i586.rpm 75afe69b0e922d72122bd3a4498bfe8f 2007.1/SRPMS/imlib2-1.2.2-3.2mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: a849312fa506167d86addce88916b87a 2007.1/x86_64/imlib2-data-1.2.2-3.2mdv2007.1.x86_64.rpm f479fa3a9822eda1ee711c64e4371295 2007.1/x86_64/lib64imlib2_1-1.2.2-3.2mdv2007.1.x86_64.rpm 8608807fe46db99a5812bc06e893e334 2007.1/x86_64/lib64imlib2_1-devel-1.2.2-3.2mdv2007.1.x86_64.rpm 188de9396d778da58af40db064d85589 2007.1/x86_64/lib64imlib2_1-filters-1.2.2-3.2mdv2007.1.x86_64.rpm 2e60dccd71bbd149859beaa786234616 2007.1/x86_64/lib64imlib2_1-loaders-1.2.2-3.2mdv2007.1.x86_64.rpm 75afe69b0e922d72122bd3a4498bfe8f 2007.1/SRPMS/imlib2-1.2.2-3.2mdv2007.1.src.rpm Mandriva Linux 2008.0: 1214ee42f4076fec8704794bc767916e 2008.0/i586/imlib2-data-1.4.0.003-2.1mdv2008.0.i586.rpm eb5319b2c8cb33a204332822e6349201 2008.0/i586/libimlib2_1-1.4.0.003-2.1mdv2008.0.i586.rpm ea8dbec91f1a8299550f2ff4acb17980 2008.0/i586/libimlib2_1-filters-1.4.0.003-2.1mdv2008.0.i586.rpm 6362adf88ef3e4179f9a31b9acb20dcb 2008.0/i586/libimlib2_1-loaders-1.4.0.003-2.1mdv2008.0.i586.rpm 116ac3cb141512cc78adb8a1f4c37ecb 2008.0/i586/libimlib2-devel-1.4.0.003-2.1mdv2008.0.i586.rpm 42f76cee20ca495e92f7ba5ca98408e8 2008.0/SRPMS/imlib2-1.4.0.003-2.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: f3ec35cf049082651ef9f4db223e830b 2008.0/x86_64/imlib2-data-1.4.0.003-2.1mdv2008.0.x86_64.rpm dccec6f91c995c5ac32c0c6de00b2acc 2008.0/x86_64/lib64imlib2_1-1.4.0.003-2.1mdv2008.0.x86_64.rpm 7fb7d920e314dcbfba83d0205c58e5a7 2008.0/x86_64/lib64imlib2_1-filters-1.4.0.003-2.1mdv2008.0.x86_64.rpm 4285b0a221052eabb0287873c615e6bc 2008.0/x86_64/lib64imlib2_1-loaders-1.4.0.003-2.1mdv2008.0.x86_64.rpm 5b3650f57fc915e344cb53366c865de6 2008.0/x86_64/lib64imlib2-devel-1.4.0.003-2.1mdv2008.0.x86_64.rpm 42f76cee20ca495e92f7ba5ca98408e8 2008.0/SRPMS/imlib2-1.4.0.003-2.1mdv2008.0.src.rpm Mandriva Linux 2008.1: 61630dec23098687773aa4fdec0da7de 2008.1/i586/imlib2-data-1.4.0.003-4.1mdv2008.1.i586.rpm 31eca31bf55a696bda613046687bb3c2 2008.1/i586/libimlib2_1-1.4.0.003-4.1mdv2008.1.i586.rpm 7292f56c20d9413cfd826e3f7d4ed04b 2008.1/i586/libimlib2_1-filters-1.4.0.003-4.1mdv2008.1.i586.rpm 5fce6ab5d5dca0077c0a86b3a3d73c33 2008.1/i586/libimlib2_1-loaders-1.4.0.003-4.1mdv2008.1.i586.rpm 85bda71fab55a242d68336f4267e0188 2008.1/i586/libimlib2-devel-1.4.0.003-4.1mdv2008.1.i586.rpm 8c34ee1b5d7ba25a4e38991212628a73 2008.1/SRPMS/imlib2-1.4.0.003-4.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: f3dd712617045232ceecaa82a3177352 2008.1/x86_64/imlib2-data-1.4.0.003-4.1mdv2008.1.x86_64.rpm b06834c0f22ccfc256681a48a93033a3 2008.1/x86_64/lib64imlib2_1-1.4.0.003-4.1mdv2008.1.x86_64.rpm 5ea2f28aab852d9f62693dcc5e8ecdd4 2008.1/x86_64/lib64imlib2_1-filters-1.4.0.003-4.1mdv2008.1.x86_64.rpm b6e8fba14f5b8da8d54c167f5ea25da7 2008.1/x86_64/lib64imlib2_1-loaders-1.4.0.003-4.1mdv2008.1.x86_64.rpm b04ebb76f8efac0d2a02f49d34443918 2008.1/x86_64/lib64imlib2-devel-1.4.0.003-4.1mdv2008.1.x86_64.rpm 8c34ee1b5d7ba25a4e38991212628a73 2008.1/SRPMS/imlib2-1.4.0.003-4.1mdv2008.1.src.rpm Corporate 3.0: 22503a39dda4bfffe3c65232e7d87c93 corporate/3.0/i586/libimlib2_1-1.0.6-4.5.C30mdk.i586.rpm a03ce61ccf1c8c5070a168c5349b358c corporate/3.0/i586/libimlib2_1-devel-1.0.6-4.5.C30mdk.i586.rpm 58d70546c96b5a46ac8ca01f1ff3384e corporate/3.0/i586/libimlib2_1-filters-1.0.6-4.5.C30mdk.i586.rpm 42916631379dd652af28865ac46d03b6 corporate/3.0/i586/libimlib2_1-loaders-1.0.6-4.5.C30mdk.i586.rpm b494bd83d273dd46d71eca324bca5416 corporate/3.0/SRPMS/imlib2-1.0.6-4.5.C30mdk.src.rpm Corporate 3.0/X86_64: 1f3bd632cf8d35c6d39b246f1249579a corporate/3.0/x86_64/lib64imlib2_1-1.0.6-4.5.C30mdk.x86_64.rpm 2a9b0f77a8b889e06f779274e0008fc8 corporate/3.0/x86_64/lib64imlib2_1-devel-1.0.6-4.5.C30mdk.x86_64.rpm f7dbc8a2aa66932553ce5766f8bd7566 corporate/3.0/x86_64/lib64imlib2_1-filters-1.0.6-4.5.C30mdk.x86_64.rpm 0fc7214ac8520db812f4fb3c7feb844e corporate/3.0/x86_64/lib64imlib2_1-loaders-1.0.6-4.5.C30mdk.x86_64.rpm b494bd83d273dd46d71eca324bca5416 corporate/3.0/SRPMS/imlib2-1.0.6-4.5.C30mdk.src.rpm Corporate 4.0: 71d4dd6004a7a8fdd021c9ee3e12833e corporate/4.0/i586/imlib2-data-1.2.1-1.4.20060mlcs4.i586.rpm 64ea155ea7d232ec0cd4ca0312d46d6b corporate/4.0/i586/libimlib2_1-1.2.1-1.4.20060mlcs4.i586.rpm d32d8308dc1e1c255b3a0760347fb309 corporate/4.0/i586/libimlib2_1-devel-1.2.1-1.4.20060mlcs4.i586.rpm 68d0ad2024383f05cc1609fbba6fd2ad corporate/4.0/i586/libimlib2_1-filters-1.2.1-1.4.20060mlcs4.i586.rpm 232ee295638c7403f493c39b5ce4813e corporate/4.0/i586/libimlib2_1-loaders-1.2.1-1.4.20060mlcs4.i586.rpm dba76014532c7a9b1c8ba646324263ae corporate/4.0/SRPMS/imlib2-1.2.1-1.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: 0e36868fe671a6e97ed37b7e272abe06 corporate/4.0/x86_64/imlib2-data-1.2.1-1.4.20060mlcs4.x86_64.rpm 5037005d5d71e60e75d283cef7c8704e corporate/4.0/x86_64/lib64imlib2_1-1.2.1-1.4.20060mlcs4.x86_64.rpm c822cf77f4cca4e4edd602d25db126ea corporate/4.0/x86_64/lib64imlib2_1-devel-1.2.1-1.4.20060mlcs4.x86_64.rpm a448734f54c6e97f287a441a711aa8f3 corporate/4.0/x86_64/lib64imlib2_1-filters-1.2.1-1.4.20060mlcs4.x86_64.rpm 74d9ee28fc94bbc2d44162fc1d4efe33 corporate/4.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.4.20060mlcs4.x86_64.rpm dba76014532c7a9b1c8ba646324263ae corporate/4.0/SRPMS/imlib2-1.2.1-1.4.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIYmvvmqjQ0CJFipgRAupZAJ44Mn0CGl9nhfCba/LxlZ8rHG3NywCgxVz2 THkDcXYGQo9+HLuvSHEuCJg= =yEaf -----END PGP SIGNATURE-----
Powered by blists - more mailing lists