LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: Updated gtk+2.0 packages fix Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A bug was discovered in the way that gtk+2.0 processes BMP images which could allow for a specially crafted BMP to cause a Denial of Service attack on applications linked against gtk+2.0. The updated packages have been patched to correct these issues.
 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           gtk+2.0
 Advisory ID:            MDKSA-2005:068
 Date:                   April 7th, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A bug was discovered in the way that gtk+2.0 processes BMP images
 which could allow for a specially crafted BMP to cause a Denial of
 Service attack on applications linked against gtk+2.0.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 6ded91220f9da5195a7eb8bd29744ce5  10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.i586.rpm
 defbd824fdbceafb811c4a26804eea2d  10.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.2.100mdk.i586.rpm
 fa164ed6e67c60abd8f9624715b06cef  10.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 0a90ddf71f6e8bd8b70503a4bbe41f00  10.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.i586.rpm
 5f9257920729f34f1657406ab69dd3fe  10.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 ff6e8a3eb98537c53607275896788a6b  10.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.2.100mdk.i586.rpm
 dcb5de61416c85a2680bfe331e12faf4  10.0/RPMS/libgtk+2.0_0-2.2.4-10.2.100mdk.i586.rpm
 b5e1886ca33a99b7ea26ba65a634a171  10.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 8a7e5e9f6620200330f7800d65e02468  10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 3442a95e11299776193b69b6bc86513a  amd64/10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.amd64.rpm
 879dfefb728b1f04c5f5e0c049cb173b  amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 c4ac90a0f8d987a825fb1f6732e14c57  amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 554b74e447cda888be6ae8cb7e916761  amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 c17c2e94111421bfd631adf517fc5b57  amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 fd493ea1d4da40eedf305e2d558d41e6  amd64/10.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 292e229535ee420bc8bbf7488225611a  amd64/10.0/RPMS/lib64gtk+2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 827a421ac971df39a90f47467195eb75  amd64/10.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 8a7e5e9f6620200330f7800d65e02468  amd64/10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 63bdf92cde28cd4596862acb8303db89  10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.i586.rpm
 d0b44ebf0f5a32495164e3b95f836a1e  10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
 b61a83a21d2af5f893d010687e4ba31c  10.1/RPMS/libgdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
 79e3363764cd1e005c92217b1601410d  10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
 db1d643a7c5e8c2ea9caf3a09b08ffd1  10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
 825f54c99f3e0790fa563318eb0ad4f4  10.1/RPMS/libgtk+2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
 73738f0963942b9266e0cb3ec2e7812b  10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 58f3b14ddf3174f282a7fcedd2291cb2  x86_64/10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.x86_64.rpm
 d0b44ebf0f5a32495164e3b95f836a1e  x86_64/10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
 79e3363764cd1e005c92217b1601410d  x86_64/10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
 db1d643a7c5e8c2ea9caf3a09b08ffd1  x86_64/10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
 0a8969769eb5197c102f9c4e26de3c9d  x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 8587febd8da71ae4ac0523f1bf3799ba  x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
 81a6326dd657d99ee7dd7c0677fc8ff2  x86_64/10.1/RPMS/lib64gtk+-x11-2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 777f9c5fc9d83748825e0e9af165c3e3  x86_64/10.1/RPMS/lib64gtk+2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 72273e60a9ff32f874239d90d5cdfd24  x86_64/10.1/RPMS/lib64gtk+2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
 73738f0963942b9266e0cb3ec2e7812b  x86_64/10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm

 Corporate 3.0:
 87c55c922e3fe5dce66fd619d6d94034  corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.i586.rpm
 5bdfa2ded3da000da4d39c7bdb5a2edb  corporate/3.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 e6e00410204aff942b57b4b42ce3708a  corporate/3.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 7b714ac098a96754362d0e6e6b06d22a  corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 4f13d0dd61a046297f8ced1e78496549  corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 5009d264352ec2f4710d4e2d198f5178  corporate/3.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 70cc0d5faecb6ade7db357bd98ae2f2c  corporate/3.0/RPMS/libgtk+2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 fe6a4d000fb5af708fec694109e56339  corporate/3.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 cb2b245a60da7db473b9d6f95596a8e8  corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 62ba5850d9ce991c37b00d4f4c2423fc  x86_64/corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.x86_64.rpm
 c3752c95681dba01c2862559099ae28c  x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 c60a80e68525611932a2be6c5a224471  x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 493ef92d6e50f9399303015c73d74bdd  x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 0b60bc13179cb5563580bcfe78754065  x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 93ca4819c1be2754e0b45fafebe12133  x86_64/corporate/3.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 313c17b002cde662476654bca69a887b  x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 730e178acc1c61b370490b7aaf71bb5f  x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 cb2b245a60da7db473b9d6f95596a8e8  x86_64/corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System
NIST to hypervisor admins: secure your systems
Quick PHP patch beats slow research reveal
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.