lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040908013525.4612.qmail@updates.mandrakesoft.com>
From: security at linux-mandrake.com (Mandrake Linux Security Team)
Subject: MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           imlib2
 Advisory ID:            MDKSA-2004:089
 Date:                   September 7th, 2004

 Affected versions:	 10.0, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Marcus Meissner discovered that the imlib and imlib2 libraries are
 also affected with a similar BMP-related vulnerability as the recent
 QT updates. The updated imlib and imlib2 packages are patched to
 protect against this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 45c2e00642a3261e4f084327bde0759b  10.0/RPMS/imlib-1.9.14-8.1.100mdk.i586.rpm
 76ee25761136e631bc099fd76da43080  10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.i586.rpm
 09f1757ab48d983437b0d40acefcf646  10.0/RPMS/libimlib1-1.9.14-8.1.100mdk.i586.rpm
 94567c151d4de01561681faac1f50cbb  10.0/RPMS/libimlib1-devel-1.9.14-8.1.100mdk.i586.rpm
 0f82a3fda2a6d0d22c01f6b342521840  10.0/RPMS/libimlib2_1-1.0.6-4.1.100mdk.i586.rpm
 538f333c36fc795d76889e708021378e  10.0/RPMS/libimlib2_1-devel-1.0.6-4.1.100mdk.i586.rpm
 0f9e9d497591a5df950a47447a7a5295  10.0/RPMS/libimlib2_1-filters-1.0.6-4.1.100mdk.i586.rpm
 44636a6d15888387fa665d1ee1891ec3  10.0/RPMS/libimlib2_1-loaders-1.0.6-4.1.100mdk.i586.rpm
 00f1d3fd452e0fa6099d9f3cb6a1f1d3  10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm
 c67b09002eb29fc6a3335467a098b0bd  10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 356ba1d0ed3b224dafc8aa935550f1c8  amd64/10.0/RPMS/imlib-1.9.14-8.1.100mdk.amd64.rpm
 0020bc9b34df76ea0f5957586f4057ca  amd64/10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.amd64.rpm
 30b95081b048b4b2a16267e188adf06b  amd64/10.0/RPMS/lib64imlib1-1.9.14-8.1.100mdk.amd64.rpm
 b591c6da970481fdf0eb1737689e5b7c  amd64/10.0/RPMS/lib64imlib1-devel-1.9.14-8.1.100mdk.amd64.rpm
 7851372f5ca5ab3d249906dbd7431690  amd64/10.0/RPMS/lib64imlib2_1-1.0.6-4.1.100mdk.amd64.rpm
 a66906219141ad3eaa156f4d2f18ad80  amd64/10.0/RPMS/lib64imlib2_1-devel-1.0.6-4.1.100mdk.amd64.rpm
 6c086b3408883a5e05426327aa1cf020  amd64/10.0/RPMS/lib64imlib2_1-filters-1.0.6-4.1.100mdk.amd64.rpm
 b017bad9400095893e8faf8456db2937  amd64/10.0/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.100mdk.amd64.rpm
 00f1d3fd452e0fa6099d9f3cb6a1f1d3  amd64/10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm
 c67b09002eb29fc6a3335467a098b0bd  amd64/10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm

 Corporate Server 2.1:
 45155b9dc3c7ca0a08c6277f4d27d8ee  corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.i586.rpm
 dd7059319056c8f87e1d464ef04745fb  corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.i586.rpm
 4498f5b1821fe1c1aae742f3a97aa2b0  corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.i586.rpm
 1f4019dccb0b2e027fd094fb5e079875  corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.i586.rpm
 22aadbc163940e8ebecb5142b90a5f56  corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.i586.rpm
 fd124ccb8b37c6f302405f059eec56da  corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.i586.rpm
 ab77824f06eaacfba54146ccb5f5a539  corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.i586.rpm
 ba02b9c07de55f19df4d772b4b6dac39  corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.i586.rpm
 efcdd5a520d8313c1e1e4ee46c3c6dd3  corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm
 e4bb939ab61671005eec878af3733533  corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 f574361c2152d8dbbe39e67b752a0aae  x86_64/corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.x86_64.rpm
 084cf40c7fa5e3dbb3433091c902629d  x86_64/corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.x86_64.rpm
 87adccfd0de38af4bfac1746e87715fa  x86_64/corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.x86_64.rpm
 8627df2906d6f4a5e6d1062219d4a57d  x86_64/corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.x86_64.rpm
 9a8a30c93e69eea65f57ee33d5bbbc46  x86_64/corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.x86_64.rpm
 c335f9793c4ae08a39e8181af4ed6349  x86_64/corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.x86_64.rpm
 0702ec29b746e5446e03a74082120114  x86_64/corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.x86_64.rpm
 9d3238eebc7cb6c7bde0c7d7e98a51c4  x86_64/corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.x86_64.rpm
 efcdd5a520d8313c1e1e4ee46c3c6dd3  x86_64/corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm
 e4bb939ab61671005eec878af3733533  x86_64/corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm

 Mandrakelinux 9.2:
 de030104e6dd6bb5c4aa2f076c4514c6  9.2/RPMS/imlib-1.9.14-8.1.92mdk.i586.rpm
 fd99bd742d696ea8ac43aef9ee86d25e  9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.i586.rpm
 b1ef54878da62d2e5a69bdf305c574c5  9.2/RPMS/libimlib1-1.9.14-8.1.92mdk.i586.rpm
 08a13f893c88051cbc66c685d8cd635d  9.2/RPMS/libimlib1-devel-1.9.14-8.1.92mdk.i586.rpm
 2e4efaa54b9929fbf2e0e390907b9225  9.2/RPMS/libimlib2_1-1.0.6-4.1.92mdk.i586.rpm
 525c7dc281fb0da4edf99cb3ce7d2545  9.2/RPMS/libimlib2_1-devel-1.0.6-4.1.92mdk.i586.rpm
 cc2460b560c5b11eeb804502954aa038  9.2/RPMS/libimlib2_1-filters-1.0.6-4.1.92mdk.i586.rpm
 e80a879d5da05b68ef5d9cad932ba921  9.2/RPMS/libimlib2_1-loaders-1.0.6-4.1.92mdk.i586.rpm
 7dd8f9265ede345c58d05ae6ed376145  9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm
 0766a9aead77eec5cec8ebbc06504003  9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 4391a5aecba284eabf0337002fbb924c  amd64/9.2/RPMS/imlib-1.9.14-8.1.92mdk.amd64.rpm
 67ba3ab94dea87029de4a64620c4f066  amd64/9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.amd64.rpm
 9edd6ec450997a5773919f8035e9b159  amd64/9.2/RPMS/lib64imlib1-1.9.14-8.1.92mdk.amd64.rpm
 448531d483a3c6499bface39c4cb9dfb  amd64/9.2/RPMS/lib64imlib1-devel-1.9.14-8.1.92mdk.amd64.rpm
 9dc5a05d737d00c5a3a18b23de02c144  amd64/9.2/RPMS/lib64imlib2_1-1.0.6-4.1.92mdk.amd64.rpm
 2bcca43ad1a5138f929ce78cd753100f  amd64/9.2/RPMS/lib64imlib2_1-devel-1.0.6-4.1.92mdk.amd64.rpm
 87cc1762967d2aefe5f46e43a2d546b2  amd64/9.2/RPMS/lib64imlib2_1-filters-1.0.6-4.1.92mdk.amd64.rpm
 dbabc4165886cfeaa2c234ee7ed5b277  amd64/9.2/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.92mdk.amd64.rpm
 7dd8f9265ede345c58d05ae6ed376145  amd64/9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm
 0766a9aead77eec5cec8ebbc06504003  amd64/9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBPmHdmqjQ0CJFipgRAtrNAKCWhGfd/AmnMpvDOcqKiALeKFDeXwCeMcBO
GhwJ5+6DeKiIDuXHEs2o9TE=
=QiSZ
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ