=========================================================== 
Ubuntu Security Notice USN-467-1               May 31, 2007
gimp vulnerability
CVE-2007-2356
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gimp                                     2.2.11-1ubuntu3.2

Ubuntu 6.10:
  gimp                                     2.2.13-1ubuntu3.1

Ubuntu 7.04:
  gimp                                     2.2.13-1ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Gimp did not correctly handle RAS image format
color tables.  By tricking a user into opening a specially crafted RAS
file with Gimp, an attacker could exploit this to execute arbitrary code
with the user's privileges.
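
The script below is an added example, not part of this notice and not GIMP's code: it parses the 32-byte Sun raster (RAS) header and reports color-table fields that are inconsistent, a pre-screening check a mail or upload filter can apply to untrusted RAS files on hosts that have not yet been upgraded. The 768-byte limit, the function names and the sample headers are assumptions constructed for illustration.

```python
import struct

RAS_MAGIC = 0x59A66A95
HEADER = struct.Struct(">8I")        # eight big-endian 32-bit header fields
RMT_NONE, RMT_EQUAL_RGB, RMT_RAW = 0, 1, 2
MAX_RGB_MAP_BYTES = 3 * 256          # assumption: at most 256 entries per channel


def ras_header(maptype, maplength, width=4, height=4, depth=8):
    """Build a constructed RAS header for the samples below (type 1 = standard)."""
    return HEADER.pack(RAS_MAGIC, width, height, depth, width * height, 1,
                       maptype, maplength)


def check_ras_colormap(data):
    """Return findings about the color-map fields; an empty list means sane."""
    if len(data) < HEADER.size:
        return ["truncated header"]
    magic, _w, _h, _depth, _length, _type, maptype, maplength = HEADER.unpack_from(data)
    if magic != RAS_MAGIC:
        return ["not a Sun raster file"]
    findings = []
    if maptype not in (RMT_NONE, RMT_EQUAL_RGB, RMT_RAW):
        findings.append(f"unknown color map type {maptype}")
    if maptype == RMT_NONE and maplength:
        findings.append("color map length set although map type is none")
    if maptype == RMT_EQUAL_RGB:
        if maplength % 3:
            findings.append("RGB color map length is not a multiple of 3")
        if maplength > MAX_RGB_MAP_BYTES:
            findings.append(f"RGB color map of {maplength} bytes exceeds {MAX_RGB_MAP_BYTES}")
    if maplength > len(data) - HEADER.size:
        findings.append("color map runs past end of file")
    return findings


# Constructed samples: a consistent 256-entry palette, and a bare header whose
# declared color map is larger than any 8-bit palette and than the file itself.
GOOD = ras_header(RMT_EQUAL_RGB, 768) + bytes(768 + 16)
SUSPECT = ras_header(RMT_EQUAL_RGB, 3000)

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("suspect", SUSPECT)):
        print(name, check_ras_colormap(sample) or "ok")
```

A file that produces findings should be quarantined rather than opened; upgrading to the package versions listed above remains the fix.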

