Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New gdk-pixbuf packages fix several vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 913-1                                        Martin Schulze
December 1st, 2005            
- --------------------------------------------------------------------------

Package        : gdk-pixbuf
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2005-2975 CVE-2005-2976 CVE-2005-3186
BugTraq ID     : 15428
Debian Bug     : 339431

Several vulnerabilities have been found in gdk-pixbuf, the Gtk+
GdkPixBuf XPM image rendering library.  The Common Vulnerabilities and
Exposures project identifies the following problems:


    Ludwig Nussel discovered an infinite loop when processing XPM
    images that allows an attacker to cause a denial of service via a
    specially crafted XPM file.


    Ludwig Nussel discovered an integer overflow in the way XPM images
    are processed that could lead to the execution of arbitrary code
    or crash the application via a specially crafted XPM file.


    "infamous41md" discovered an integer in the XPM processing routine
    that can be used to execute arbitrary code via a traditional heap

The following matrix explains which versions fix these problems:

             old stable (woody)    stable (sarge)   unstable (sid)
gdk-pixbuf     0.17.0-2woody3        0.22.0-8.1       0.22.0-11
gtk+2.0         2.0.2-5woody3         2.6.4-3.1        2.6.10-2

We recommend that you upgrade your gdk-pixbuf packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      706 148ab895e798cb66959ae0bf7c725424
      Size/MD5 checksum:    20031 7851718d740e6e6a629e462b87269234
      Size/MD5 checksum:   547194 021914ad9104f265527c28220315e542

  Alpha architecture:
      Size/MD5 checksum:   177066 edf14dd71b77d893ca27c7768dd0a9f4
      Size/MD5 checksum:     9730 52bcd65497f80d9f9b649f2dff012436
      Size/MD5 checksum:     8874 1d7cfd64edf8fc05888e608bbba6edc9
      Size/MD5 checksum:   193844 d20a90a4252d8f9ada81eb07b9798f25

  ARM architecture:
      Size/MD5 checksum:   156918 7a96bcd45ce4b637283c2b966c1fbbbc
      Size/MD5 checksum:     8146 b1081dd21eadff238d9b411a71487759
      Size/MD5 checksum:     7282 b65d0f3169de9ff0bd73289de74be475
      Size/MD5 checksum:   161486 96ab7f9daf68d8f5317cf8e633e2da29

  Intel IA-32 architecture:
      Size/MD5 checksum:   147604 45fbdaa219558095236d758b15ab8da0
      Size/MD5 checksum:     7602 b0d9ed0671ea6b4abc1311c3b50c2821
      Size/MD5 checksum:     7142 e125861f4de9b5958e47336332532408
      Size/MD5 checksum:   151634 8db98edeeeceddca00ab90d23a3377fd

  Intel IA-64 architecture:
      Size/MD5 checksum:   194976 de93fe82b55f27ae64566d9946d0fee9
      Size/MD5 checksum:    11016 11b9ec958564155bf58ecef0ce38621f
      Size/MD5 checksum:    11076 d425f1ddd7dda9a2b09816976e365da8
      Size/MD5 checksum:   229474 69ad68e6ed5ea88df1abdf954e26dfa4

  HP Precision architecture:
      Size/MD5 checksum:   181324 e3543dc0a15a94e57946647fdc777791
      Size/MD5 checksum:     9638 b392986cc6d6ddf24a47589f9fc78b5b
      Size/MD5 checksum:     9316 3be84377508b98df8f700885dc0bcb13
      Size/MD5 checksum:   190026 4741d1df4e66ba1a90758a44a68123ab

  Motorola 680x0 architecture:
      Size/MD5 checksum:   142140 505be04e8005f316259cad3025d599c3
      Size/MD5 checksum:     7306 3967ebf6db8793d6a86fd294af843260
      Size/MD5 checksum:     7016 fb75b5d4d20a3a9f497a154622071d12
      Size/MD5 checksum:   156574 12a13ab0e1bd6aa4557d52e433ce0128

  Big endian MIPS architecture:
      Size/MD5 checksum:   167564 44823af863fa6eaea95bec78a78f3c48
      Size/MD5 checksum:     9566 722001dea6d4386afdcaa5503a2734f4
      Size/MD5 checksum:     8274 8400f88e4c1ccf9d0a0fc1cdfd160818
      Size/MD5 checksum:   165456 e8f367d5b275641cac0dcdb78dd8b847

  Little endian MIPS architecture:
      Size/MD5 checksum:   168088 27fe81d3e0d259d0b2f9f1d0cb6b20c3
      Size/MD5 checksum:     9482 4d21b6c2528e39207b4e161ffc9f8bce
      Size/MD5 checksum:     8116 5465609ebc24647a0bb8cce0b855c04a
      Size/MD5 checksum:   165596 9a1e6e006eccecd83d1531e22a5eb69c

  PowerPC architecture:
      Size/MD5 checksum:   166132 cda8b87f950b3711955c8e3124ee40e1
      Size/MD5 checksum:     9246 6823a85cd60349e4ba10e24884a173fd
      Size/MD5 checksum:     8072 b57e887073c448885cba21df750f7b3c
      Size/MD5 checksum:   171316 d343436d579fbb1a359e076b84480114

  IBM S/390 architecture:
      Size/MD5 checksum:   153500 4e03bafc909b4461adead1162b7b2621
      Size/MD5 checksum:     7866 20eb416547214564d687c6e1b6dc0d81
      Size/MD5 checksum:     7564 bc0b59ddcb29b96cbbe839d881a419e2
      Size/MD5 checksum:   167510 59c3f71ee91508e678a66bf28c983f82

  Sun Sparc architecture:
      Size/MD5 checksum:   161136 aa671663e7343c7f7f8b47960b558f11
      Size/MD5 checksum:     8270 2f7862d0a6f2f98b0d4c6e3e0b6929df
      Size/MD5 checksum:     7502 97aac947b5168472b1ab4a6a0399d1c1
      Size/MD5 checksum:   167184 9d79c42f3dcba5026069b15e742aafdd

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      709 7a800a91469430a28ab1900ebb92ba83
      Size/MD5 checksum:   372331 20d149f93e8093e4dbb365e9278ce741
      Size/MD5 checksum:   519266 4db0503b5a62533db68b03908b981751

  Alpha architecture:
      Size/MD5 checksum:   185780 fbfdd560a6b3591165a757797198e931
      Size/MD5 checksum:    10376 3b5273e0e21ee40c5d540a22ff91b99a
      Size/MD5 checksum:     8650 c5d672403f8038129d35022515e8a339
      Size/MD5 checksum:   205704 22b1261a845cea95520acd68cf6e74ec

  AMD64 architecture:
      Size/MD5 checksum:   155358 8653e4d9403ff7baeefbc7c955b83eb7
      Size/MD5 checksum:     8474 ffad5870291f93584f70fa7645b54bdd
      Size/MD5 checksum:     7942 d32005b5de994f10f15dfb91a6caf507
      Size/MD5 checksum:   183366 6304fdc084b9e2ec433712b091e497c5

  ARM architecture:
      Size/MD5 checksum:   153978 e13ef5dd0694f3d0cc5836d2fdbddec0
      Size/MD5 checksum:     8126 4ef59c62c86c0d567929d0e88fd4ebb9
      Size/MD5 checksum:     7076 ccc7721296431294a6a657ec5c4bf2a7
      Size/MD5 checksum:   171352 afe13217c5566e0ecf26950bc9b2f4b5

  Intel IA-32 architecture:
      Size/MD5 checksum:   150416 0f2d4af07ce624a4fa3af2e0964e91a3
      Size/MD5 checksum:     7860 4e0d60fa4cebefe5c434fbe2e5bf16e6
      Size/MD5 checksum:     7354 3b6d8fc4ebc1314a35c307dd51ec1e1f
      Size/MD5 checksum:   172140 0f6b383d15e21f02a9db0f3b58d31864

  Intel IA-64 architecture:
      Size/MD5 checksum:   196584 25c9be6f81524a4641c8b7faf3f14b48
      Size/MD5 checksum:    10860 a04397bc288e8abe6f8094ac5cdfc8a8
      Size/MD5 checksum:    10544 97dec60626ea52e0ce3adf5df0619228
      Size/MD5 checksum:   232546 973a9a9a079936e682fe352dfb2eae0a

  HP Precision architecture:
      Size/MD5 checksum:   173056 0960b569e9cc3c6533e4a2394b56b18a
      Size/MD5 checksum:     9238 5699f6b933217187a165956a4adcf8c9
      Size/MD5 checksum:     9070 e82facecfb3184345b797176110c8795
      Size/MD5 checksum:   201596 df67a873b1f1781b5418479802780074

  Motorola 680x0 architecture:
      Size/MD5 checksum:   137808 855cd148e584d2a47e15b893bc771076
      Size/MD5 checksum:     7114 1c2ffc6287c76e8b656ac4cc8cb45197
      Size/MD5 checksum:     6822 b23f138f206443979bef0f0d16429e9f
      Size/MD5 checksum:   168122 fec535c555ffcec871f015251bb5d392

  Big endian MIPS architecture:
      Size/MD5 checksum:   166212 c3648e5b7be69cb95dd162d1532a4064
      Size/MD5 checksum:     9512 c4b9a6a610d879af5986eabeb819bd44
      Size/MD5 checksum:     8084 af031e50f98a270977aac6d3f60c37aa
      Size/MD5 checksum:   178910 0538e2bfe12f9fcd0d9b391adc4ca403

  Little endian MIPS architecture:
      Size/MD5 checksum:   167032 2739863166ce8ccdd7a289e47ce94e8f
      Size/MD5 checksum:     9544 cdd63315a97c0ff14fa6982811d25ac4
      Size/MD5 checksum:     8058 a7fee13884e082a5c0646c6723e757f4
      Size/MD5 checksum:   180220 d15b93b2235a05eeba9ab2fdce88327e

  PowerPC architecture:
      Size/MD5 checksum:   163132 8562f340ba8cba0079fa6c36a5c3a384
      Size/MD5 checksum:     9170 cd1fe56377a4313d54bbce1622c5f10f
      Size/MD5 checksum:     9526 c9f4119ba2c4b9b2a00fd0b44b01358c
      Size/MD5 checksum:   192594 3adc981ada6481239fc3c61af7781da2

  IBM S/390 architecture:
      Size/MD5 checksum:   164994 c92cd17bdead77f5ab59a314208d07ea
      Size/MD5 checksum:     8168 e4bce7d526b10a608e6238d0fb602131
      Size/MD5 checksum:     7802 551bdf573b50cff118ff68360a249630
      Size/MD5 checksum:   184668 d0917c0875e16ab54637f1ac1c299208

  Sun Sparc architecture:
      Size/MD5 checksum:   155602 8c2980db112716debc75371df0ae3e3a
      Size/MD5 checksum:     8130 462d2e5c734a69f942dd73d67224f3d4
      Size/MD5 checksum:     7304 4935a0b91d3056e28b8375d99a13181c
      Size/MD5 checksum:   174592 93b600efa8160007aa687eb67b63b141

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.