| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Aug 2009 02:13:00 +0200 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDVSA-2009:204 ] wxgtk -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:204 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wxgtk Date : August 16, 2009 Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability has been found and corrected in wxgtk: Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information (CVE-2009-2369). This update provides a solution to this vulnerability. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: 9dc6e8e719baf1d987f97bbde60712de 2008.1/i586/libwxgtk2.6-2.6.4-14.1mdv2008.1.i586.rpm f23c5030971ed93b3c74b879ebbb3b8b 2008.1/i586/libwxgtk2.6-devel-2.6.4-14.1mdv2008.1.i586.rpm 7cf2e7531b37fc6bc28a791a095d487f 2008.1/i586/libwxgtk2.8-2.8.7-1.1mdv2008.1.i586.rpm 08620a61436b7199be2be7a9399a34bd 2008.1/i586/libwxgtk2.8-devel-2.8.7-1.1mdv2008.1.i586.rpm 891255432a74d7d58aeb026a1d3b4109 2008.1/i586/libwxgtkgl2.6-2.6.4-14.1mdv2008.1.i586.rpm a396ce4233ad2bae3d4a134abe732645 2008.1/i586/libwxgtkgl2.8-2.8.7-1.1mdv2008.1.i586.rpm 5d2773bb963bf098176a4a8dc60d365d 2008.1/i586/libwxgtkglu2.6-2.6.4-14.1mdv2008.1.i586.rpm 48bbf610793fa67426aca1299a9a164b 2008.1/i586/libwxgtkglu2.8-2.8.7-1.1mdv2008.1.i586.rpm c4714e02fa1513936752b8aa7f19a808 2008.1/i586/libwxgtku2.6-2.6.4-14.1mdv2008.1.i586.rpm ff783e25a50136dc6d3eeb68408ea30b 2008.1/i586/libwxgtku2.6-devel-2.6.4-14.1mdv2008.1.i586.rpm e99b37d7d2e75aa6f258e4c6b27a9722 2008.1/i586/libwxgtku2.8-2.8.7-1.1mdv2008.1.i586.rpm c5ed76e85ce79e03d353abccbbffbe30 2008.1/i586/libwxgtku2.8-devel-2.8.7-1.1mdv2008.1.i586.rpm 7d076f5552f8b24410d5e59d138f63bd 2008.1/i586/wxGTK2.6-2.6.4-14.1mdv2008.1.i586.rpm 08d35eef3c6dd8abaa2956f8a87ebae2 2008.1/i586/wxgtk2.8-2.8.7-1.1mdv2008.1.i586.rpm 465ff3df30f3bc8dd91e9b906b38158c 2008.1/SRPMS/wxGTK2.6-2.6.4-14.1mdv2008.1.src.rpm 9c40827bf45e99abcd306b69ee98b9ff 2008.1/SRPMS/wxgtk2.8-2.8.7-1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 69e18858e88cdc6f7422d05164285cf0 2008.1/x86_64/lib64wxgtk2.6-2.6.4-14.1mdv2008.1.x86_64.rpm ad79430e27c6bcc118dac5ef82b4ed77 2008.1/x86_64/lib64wxgtk2.6-devel-2.6.4-14.1mdv2008.1.x86_64.rpm 26281d0605bab2d2a29693a5192129f9 2008.1/x86_64/lib64wxgtk2.8-2.8.7-1.1mdv2008.1.x86_64.rpm 2402b86fc51ad984a0e8e8d9467003dd 2008.1/x86_64/lib64wxgtk2.8-devel-2.8.7-1.1mdv2008.1.x86_64.rpm 2b43e583b20a4de1b41e62f9523e2d26 2008.1/x86_64/lib64wxgtkgl2.6-2.6.4-14.1mdv2008.1.x86_64.rpm 1f76056cc2107e72f67402879513279f 2008.1/x86_64/lib64wxgtkgl2.8-2.8.7-1.1mdv2008.1.x86_64.rpm 5025b73502e69b720f8ccb0dce5fcd90 2008.1/x86_64/lib64wxgtkglu2.6-2.6.4-14.1mdv2008.1.x86_64.rpm 8defd7f0ea46c1c503a040c0c1448f2b 2008.1/x86_64/lib64wxgtkglu2.8-2.8.7-1.1mdv2008.1.x86_64.rpm 5c3fecbd0883787eb696bc61553175fc 2008.1/x86_64/lib64wxgtku2.6-2.6.4-14.1mdv2008.1.x86_64.rpm fe57d33c500a5f7996fa8bccf1dbc12b 2008.1/x86_64/lib64wxgtku2.6-devel-2.6.4-14.1mdv2008.1.x86_64.rpm dd9063c83d389c68809bdd6a7647bf32 2008.1/x86_64/lib64wxgtku2.8-2.8.7-1.1mdv2008.1.x86_64.rpm 88fa100cb6e5974ca54de295f6bea515 2008.1/x86_64/lib64wxgtku2.8-devel-2.8.7-1.1mdv2008.1.x86_64.rpm 0f38542b20b1d098d98ba01ac16d6f1e 2008.1/x86_64/wxGTK2.6-2.6.4-14.1mdv2008.1.x86_64.rpm 6283212ea1ad0f35d2319e22c64b9019 2008.1/x86_64/wxgtk2.8-2.8.7-1.1mdv2008.1.x86_64.rpm 465ff3df30f3bc8dd91e9b906b38158c 2008.1/SRPMS/wxGTK2.6-2.6.4-14.1mdv2008.1.src.rpm 9c40827bf45e99abcd306b69ee98b9ff 2008.1/SRPMS/wxgtk2.8-2.8.7-1.1mdv2008.1.src.rpm Mandriva Linux 2009.0: fd90e9d6aad6676c8584a88f0d2bc814 2009.0/i586/libwxgtk2.6-2.6.4-16.1mdv2009.0.i586.rpm f7092574561340ac0feee731e68370a3 2009.0/i586/libwxgtk2.6-devel-2.6.4-16.1mdv2009.0.i586.rpm 2653b9edb82077d99ca6adb545aa33f8 2009.0/i586/libwxgtk2.8-2.8.8-1.1mdv2009.0.i586.rpm 9115da0da60f9d56cd7dd4114a185a10 2009.0/i586/libwxgtk2.8-devel-2.8.8-1.1mdv2009.0.i586.rpm 356d92dfa46d5a07cb78a9bc472de066 2009.0/i586/libwxgtkgl2.6-2.6.4-16.1mdv2009.0.i586.rpm fc14ae9b9eb4cfe94b1c5affafd81585 2009.0/i586/libwxgtkgl2.8-2.8.8-1.1mdv2009.0.i586.rpm c539553f6e8d15fa555b5e1c70fc317d 2009.0/i586/libwxgtkglu2.6-2.6.4-16.1mdv2009.0.i586.rpm 28cc63d000b8afd5332a7ce02e755656 2009.0/i586/libwxgtkglu2.8-2.8.8-1.1mdv2009.0.i586.rpm 9d6eaf37c2c5f645f14881080e369160 2009.0/i586/libwxgtku2.6-2.6.4-16.1mdv2009.0.i586.rpm 0f91c80b3ce77f51d4c1f5d36e0819f4 2009.0/i586/libwxgtku2.6-devel-2.6.4-16.1mdv2009.0.i586.rpm ff86706ea654ea7a468d6363dda6feab 2009.0/i586/libwxgtku2.8-2.8.8-1.1mdv2009.0.i586.rpm 8c68a793d4c2d757433eea4e77a60f55 2009.0/i586/libwxgtku2.8-devel-2.8.8-1.1mdv2009.0.i586.rpm f8a1e00d8b94a7db2609d8a71462f0df 2009.0/i586/wxGTK2.6-2.6.4-16.1mdv2009.0.i586.rpm de0c1a62f4cf70af914191defdc7f76e 2009.0/i586/wxgtk2.8-2.8.8-1.1mdv2009.0.i586.rpm e930a36288bf2ff3b8aca22399863eba 2009.0/SRPMS/wxGTK2.6-2.6.4-16.1mdv2009.0.src.rpm 6bde57c053c58878704038b21c2d1676 2009.0/SRPMS/wxgtk2.8-2.8.8-1.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: cb965c0dddbe7b7e303ad0b5ebde0cc9 2009.0/x86_64/lib64wxgtk2.6-2.6.4-16.1mdv2009.0.x86_64.rpm af54a23998cd6c032fa48f81c228c175 2009.0/x86_64/lib64wxgtk2.6-devel-2.6.4-16.1mdv2009.0.x86_64.rpm 544d87b36b2a6f99f4435bbb9a7cb2c0 2009.0/x86_64/lib64wxgtk2.8-2.8.8-1.1mdv2009.0.x86_64.rpm 43f5f90dc44adc7d23831eb428501484 2009.0/x86_64/lib64wxgtk2.8-devel-2.8.8-1.1mdv2009.0.x86_64.rpm 561630fdbd6989c87912194b2c0777d1 2009.0/x86_64/lib64wxgtkgl2.6-2.6.4-16.1mdv2009.0.x86_64.rpm 4262b7dc3e62e814e2f31af892d1e7d3 2009.0/x86_64/lib64wxgtkgl2.8-2.8.8-1.1mdv2009.0.x86_64.rpm 587512fe0e20bda8f15941f298398fcd 2009.0/x86_64/lib64wxgtkglu2.6-2.6.4-16.1mdv2009.0.x86_64.rpm fcea1308febc43a1e63798d483aa9b32 2009.0/x86_64/lib64wxgtkglu2.8-2.8.8-1.1mdv2009.0.x86_64.rpm c5322379be157f028733dd0409f5f1b0 2009.0/x86_64/lib64wxgtku2.6-2.6.4-16.1mdv2009.0.x86_64.rpm c0f8976fd1ea4753fbb35d057f7f6790 2009.0/x86_64/lib64wxgtku2.6-devel-2.6.4-16.1mdv2009.0.x86_64.rpm a1a75543ff88ba2077ff8e97d85bb649 2009.0/x86_64/lib64wxgtku2.8-2.8.8-1.1mdv2009.0.x86_64.rpm 36ab506bcf29555c832026ef8b14d98c 2009.0/x86_64/lib64wxgtku2.8-devel-2.8.8-1.1mdv2009.0.x86_64.rpm 6d6ac31a5dece6e11bf0b1270a539b97 2009.0/x86_64/wxGTK2.6-2.6.4-16.1mdv2009.0.x86_64.rpm 370573fa244efd69c2ca1313d8b39320 2009.0/x86_64/wxgtk2.8-2.8.8-1.1mdv2009.0.x86_64.rpm e930a36288bf2ff3b8aca22399863eba 2009.0/SRPMS/wxGTK2.6-2.6.4-16.1mdv2009.0.src.rpm 6bde57c053c58878704038b21c2d1676 2009.0/SRPMS/wxgtk2.8-2.8.8-1.1mdv2009.0.src.rpm Mandriva Linux 2009.1: 3979d52a3bd6ccf111f4a40b64ec5eea 2009.1/i586/libwxgtk2.8-2.8.9-3.1mdv2009.1.i586.rpm d9d16a58951147f0888bb6a60b1e9d5a 2009.1/i586/libwxgtk2.8-devel-2.8.9-3.1mdv2009.1.i586.rpm 78bb27f22b501c2240edb0f82defe0a3 2009.1/i586/libwxgtkgl2.8-2.8.9-3.1mdv2009.1.i586.rpm 03cc02b50295a401f49021689439af76 2009.1/i586/libwxgtkglu2.8-2.8.9-3.1mdv2009.1.i586.rpm db1398114cde348c62e3fb56752b17fe 2009.1/i586/libwxgtku2.8-2.8.9-3.1mdv2009.1.i586.rpm 69bceb618bee5154fc1be7ebed3c36cc 2009.1/i586/libwxgtku2.8-devel-2.8.9-3.1mdv2009.1.i586.rpm 328f826b7f8981ecbad53123547e3d86 2009.1/i586/wxgtk2.8-2.8.9-3.1mdv2009.1.i586.rpm d845e40860f9222aa10525e0fdf77d49 2009.1/SRPMS/wxgtk2.8-2.8.9-3.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 3ea359aa650974fe4eade365d7735d26 2009.1/x86_64/lib64wxgtk2.8-2.8.9-3.1mdv2009.1.x86_64.rpm 0b521987ee5a1374e409a1cc480fe9ce 2009.1/x86_64/lib64wxgtk2.8-devel-2.8.9-3.1mdv2009.1.x86_64.rpm 9782e47812d647a3ee0ad8ab7a334a3a 2009.1/x86_64/lib64wxgtkgl2.8-2.8.9-3.1mdv2009.1.x86_64.rpm 837559e31c0e56ef10c722439cf911c3 2009.1/x86_64/lib64wxgtkglu2.8-2.8.9-3.1mdv2009.1.x86_64.rpm 0b92147cce6dedf0389f105648444c2a 2009.1/x86_64/lib64wxgtku2.8-2.8.9-3.1mdv2009.1.x86_64.rpm 2a29085953161be80ecf2a3b5c69352b 2009.1/x86_64/lib64wxgtku2.8-devel-2.8.9-3.1mdv2009.1.x86_64.rpm ec4d61fc4898e4786f418c3e13d84fb8 2009.1/x86_64/wxgtk2.8-2.8.9-3.1mdv2009.1.x86_64.rpm d845e40860f9222aa10525e0fdf77d49 2009.1/SRPMS/wxgtk2.8-2.8.9-3.1mdv2009.1.src.rpm Corporate 4.0: dc4c6e0a79098643d963619b60e7cd9e corporate/4.0/i586/libwxgtk2.6-2.6.1-1.1.20060mlcs4.i586.rpm e205de34a2ec8bb2ef63133e01e17608 corporate/4.0/i586/libwxgtk2.6-devel-2.6.1-1.1.20060mlcs4.i586.rpm 8c7ae887633a1c98883321a54fa3ca14 corporate/4.0/i586/libwxgtkgl2.6-2.6.1-1.1.20060mlcs4.i586.rpm da12877bb22222c307a15b93808aad2c corporate/4.0/i586/libwxgtkglu2.6-2.6.1-1.1.20060mlcs4.i586.rpm fe783f2a999f1ad7bd7523d39f4b5685 corporate/4.0/i586/libwxgtku2.6-2.6.1-1.1.20060mlcs4.i586.rpm ec16a26ad50a9d2b9c5743ae5fac7cae corporate/4.0/i586/libwxgtku2.6-devel-2.6.1-1.1.20060mlcs4.i586.rpm 056219b0008826fa1ac1696d1f4ff432 corporate/4.0/i586/wxGTK2.6-2.6.1-1.1.20060mlcs4.i586.rpm 8d8b3aba0a3e22d707f28cb9f8608ef4 corporate/4.0/SRPMS/wxGTK2.6-2.6.1-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 32e416f12f857045a2745d61b3f90f5d corporate/4.0/x86_64/lib64wxgtk2.6-2.6.1-1.1.20060mlcs4.x86_64.rpm 861a866b3c5aa376930190e9046e4eb3 corporate/4.0/x86_64/lib64wxgtk2.6-devel-2.6.1-1.1.20060mlcs4.x86_64.rpm 77f2d6060c1eb83e06533537984d194b corporate/4.0/x86_64/lib64wxgtkgl2.6-2.6.1-1.1.20060mlcs4.x86_64.rpm be0a40d1a42feb11f1186b43d5c24e6d corporate/4.0/x86_64/lib64wxgtkglu2.6-2.6.1-1.1.20060mlcs4.x86_64.rpm 61b49d21b5da866d3e85626073f102b9 corporate/4.0/x86_64/lib64wxgtku2.6-2.6.1-1.1.20060mlcs4.x86_64.rpm ab88d380ffd073f308b155066fb85523 corporate/4.0/x86_64/lib64wxgtku2.6-devel-2.6.1-1.1.20060mlcs4.x86_64.rpm 35f808f8cd59723580659ceb2ff81800 corporate/4.0/x86_64/wxGTK2.6-2.6.1-1.1.20060mlcs4.x86_64.rpm 8d8b3aba0a3e22d707f28cb9f8608ef4 corporate/4.0/SRPMS/wxGTK2.6-2.6.1-1.1.20060mlcs4.src.rpm Mandriva Enterprise Server 5: b9949389f8c2f255f7c08d4deee8a205 mes5/i586/libwxgtk2.8-2.8.8-1.1mdvmes5.i586.rpm 62e01f7fac4ddcad704dcc44d8a20f18 mes5/i586/libwxgtk2.8-devel-2.8.8-1.1mdvmes5.i586.rpm ac213b138398076f018d0c3f22138d26 mes5/i586/libwxgtkgl2.8-2.8.8-1.1mdvmes5.i586.rpm 1007cc1c288d2dd0ea49a11a69314744 mes5/i586/libwxgtkglu2.8-2.8.8-1.1mdvmes5.i586.rpm 55ca51004e86b7393efe71e21a1cbc4b mes5/i586/libwxgtku2.8-2.8.8-1.1mdvmes5.i586.rpm 76ad64e12a1785e5344003ad93262dbb mes5/i586/libwxgtku2.8-devel-2.8.8-1.1mdvmes5.i586.rpm 26fa6078f737e69ab3024047c1591a4a mes5/i586/wxgtk2.8-2.8.8-1.1mdvmes5.i586.rpm 8d25aab35d794053627efec49dc73b50 mes5/SRPMS/wxgtk2.8-2.8.8-1.1mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 685a0e502184adff3ebb251eb0f65d7f mes5/x86_64/lib64wxgtk2.8-2.8.8-1.1mdvmes5.x86_64.rpm 461ec9738183f7474f3765aefddff47e mes5/x86_64/lib64wxgtk2.8-devel-2.8.8-1.1mdvmes5.x86_64.rpm 78c67aaacdf55179d499fbba0b742de0 mes5/x86_64/lib64wxgtkgl2.8-2.8.8-1.1mdvmes5.x86_64.rpm 88ed2a84aeed286a2e6234e7740d5fd3 mes5/x86_64/lib64wxgtkglu2.8-2.8.8-1.1mdvmes5.x86_64.rpm f40bcaac3f32956e83d85ed7ba318c79 mes5/x86_64/lib64wxgtku2.8-2.8.8-1.1mdvmes5.x86_64.rpm 4087d948db042660433e8f231b893b42 mes5/x86_64/lib64wxgtku2.8-devel-2.8.8-1.1mdvmes5.x86_64.rpm 1566dd6943961d3e43027716539ba072 mes5/x86_64/wxgtk2.8-2.8.8-1.1mdvmes5.x86_64.rpm 8d25aab35d794053627efec49dc73b50 mes5/SRPMS/wxgtk2.8-2.8.8-1.1mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKiHKwmqjQ0CJFipgRApvpAKDOu03RiPsa87evchns6DdzX4qznQCfYKbn aNUc9rmakeIt34fk4FfpC4Y= =Pna2 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists