---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: gimp security update
Advisory ID:       RHSA-2007:0343-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0343.html
Issue date:        2007-05-21
Updated on:        2007-05-21
Product:           Red Hat Enterprise Linux
Keywords:          Sun, RAS, stack, buffer, overflow
CVE Names:         CVE-2007-2356 
---------------------------------------------------------------------

1. Summary:

Updated gimp packages that fix a security issue are now available for Red
Hat Enterprise Linux.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The GIMP (GNU Image Manipulation Program) is an image composition and
editing program.

Marsu discovered a stack overflow bug in The GIMP RAS file loader.  An
attacker could create a carefully crafted file that could cause The GIMP to
crash or possibly execute arbitrary code if the file was opened by a
victim.  (CVE-2007-2356)

For users of Red Hat Enterprise Linux 5, the previous GIMP packages had a
bug that concerned the execution order in which the symbolic links to
externally packaged GIMP plugins are installed and removed, causing the
symbolic links to vanish when the package is updated.

Users of The GIMP should update to these erratum packages which contain a
backported fix to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

Although the execution order problem in GIMP packages for Red Hat
Enterprise Linux 5 is fixed in these erratum packages, due to the
nature of the problem it will show up once more when updating from an
affected version to a fixed version. To add these symbolic links back in,
run the following command after installation of the new packages:

/usr/sbin/gimp-plugin-mgr --install \*
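
An added example, not part of Red Hat's advisory: a Python triage helper that compares `rpm -q gimp` output against the fixed builds listed in section 6 and flags Red Hat Enterprise Linux 5 hosts that need the plugin-symlink command above. The inventory lines, host names and status labels are constructed for illustration, and the version comparison is a simplified form of RPM's ordering (no epoch, tilde or caret handling).

```python
import re

# Fixed gimp builds per release, taken from the advisory's "RPMs required" list.
FIXED_BUILDS = {
    "el2_1": ("1.2.1", "7.1.el2_1"),
    "el3": ("1.2.3", "20.3.el3"),
    "el4": ("2.0.5", "6.2.el4"),
    "el5": ("2.2.13", "2.el5"),
}

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpm_vercmp(a, b):
    """Simplified rpmvercmp: compare digit/letter segments left to right.

    Returns -1, 0 or 1. Separators are ignored, as in RPM.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)  # numeric compare, leading zeros ignored
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_nvr(nvr):
    """Split 'name-version-release' as printed by `rpm -q` (no arch suffix)."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def dist_tag(release):
    """Extract the release family (el2_1, el3, el4, el5) from a release string."""
    m = re.search(r"el[0-9]+(?:_[0-9]+)?", release)
    return m.group(0) if m else None


def assess(nvr):
    """Return 'fixed', 'needs-update' or 'unknown' for one installed gimp NVR."""
    name, version, release = parse_nvr(nvr)
    fixed = FIXED_BUILDS.get(dist_tag(release))
    if name != "gimp" or fixed is None:
        return "unknown"
    # Compare version first; fall through to release only when versions tie.
    cmp = rpm_vercmp(version, fixed[0]) or rpm_vercmp(release, fixed[1])
    return "fixed" if cmp >= 0 else "needs-update"


# Constructed inventory (host, output of `rpm -q gimp`); not from the advisory.
SAMPLE_INVENTORY = """\
ws-01 gimp-2.2.13-2.el5
ws-02 gimp-2.2.13-1.el5
build-07 gimp-2.0.5-6.2.el4
legacy-03 gimp-1.2.3-20.el3
"""


def triage(inventory):
    """Map each host to (status, follow-up note)."""
    report = {}
    for line in inventory.splitlines():
        host, nvr = line.split()
        status = assess(nvr)
        note = ""
        # Per the advisory, EL5 loses the plugin symlinks once more on this update.
        if status == "needs-update" and dist_tag(parse_nvr(nvr)[2]) == "el5":
            note = r"after updating run: /usr/sbin/gimp-plugin-mgr --install \*"
        report[host] = (status, note)
    return report


if __name__ == "__main__":
    for host, (status, note) in triage(SAMPLE_INVENTORY).items():
        print(host, status, note)
```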

5. Bug IDs fixed (http://bugzilla.redhat.com/):

238420 - CVE-2007-2356 Stack overflow in gimp's sunras plugin
238993 - gimp removes symlinks to plugins of other packages when updated

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
966ae56338f272be563b650ace728cd1  gimp-1.2.1-7.1.el2_1.src.rpm

i386:
0b65888aa3c498a434942b4f8f8b66f7  gimp-1.2.1-7.1.el2_1.i386.rpm
e408d4dd9aae74e59ba89a6081062cde  gimp-devel-1.2.1-7.1.el2_1.i386.rpm
04e2f5318d9e3ef99cdcf87d32e5743b  gimp-perl-1.2.1-7.1.el2_1.i386.rpm

ia64:
fc15f6e273fb791a40ab4e64557d7c1c  gimp-1.2.1-7.1.el2_1.ia64.rpm
76dfffc225267384c67756294e8b2207  gimp-devel-1.2.1-7.1.el2_1.ia64.rpm
c061d995de3763ebf204d545da5f62e6  gimp-perl-1.2.1-7.1.el2_1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
966ae56338f272be563b650ace728cd1  gimp-1.2.1-7.1.el2_1.src.rpm

ia64:
fc15f6e273fb791a40ab4e64557d7c1c  gimp-1.2.1-7.1.el2_1.ia64.rpm
76dfffc225267384c67756294e8b2207  gimp-devel-1.2.1-7.1.el2_1.ia64.rpm
c061d995de3763ebf204d545da5f62e6  gimp-perl-1.2.1-7.1.el2_1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
966ae56338f272be563b650ace728cd1  gimp-1.2.1-7.1.el2_1.src.rpm

i386:
0b65888aa3c498a434942b4f8f8b66f7  gimp-1.2.1-7.1.el2_1.i386.rpm
e408d4dd9aae74e59ba89a6081062cde  gimp-devel-1.2.1-7.1.el2_1.i386.rpm
04e2f5318d9e3ef99cdcf87d32e5743b  gimp-perl-1.2.1-7.1.el2_1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
966ae56338f272be563b650ace728cd1  gimp-1.2.1-7.1.el2_1.src.rpm

i386:
0b65888aa3c498a434942b4f8f8b66f7  gimp-1.2.1-7.1.el2_1.i386.rpm
e408d4dd9aae74e59ba89a6081062cde  gimp-devel-1.2.1-7.1.el2_1.i386.rpm
04e2f5318d9e3ef99cdcf87d32e5743b  gimp-perl-1.2.1-7.1.el2_1.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
628a5da1aa08808f9cf02a718375b44b  gimp-1.2.3-20.3.el3.src.rpm

i386:
13140abb55f29c2903ba030a7515ceca  gimp-1.2.3-20.3.el3.i386.rpm
00d44401b093381e7fe9f7a7e4fe538b  gimp-devel-1.2.3-20.3.el3.i386.rpm
5aaf87d39b48fc1bcc88c284d345fe95  gimp-perl-1.2.3-20.3.el3.i386.rpm

ia64:
339b4d9408a6652d1f10d3fd62913f43  gimp-1.2.3-20.3.el3.ia64.rpm
160508261f440049c5b81ed65607c720  gimp-devel-1.2.3-20.3.el3.ia64.rpm
fd4cd72ce75c406be79600628e46d23e  gimp-perl-1.2.3-20.3.el3.ia64.rpm

ppc:
179c7307b0bc9cc42b10de3c9211309b  gimp-1.2.3-20.3.el3.ppc.rpm
993aaad3f148727db4dd22f35da7d1e5  gimp-devel-1.2.3-20.3.el3.ppc.rpm
0d98a0ab9eb2f68142596772fd2f8327  gimp-perl-1.2.3-20.3.el3.ppc.rpm

s390:
82a0933ce95a8e482f07a759c0de8a3e  gimp-1.2.3-20.3.el3.s390.rpm
e1adf4e8d04181f9c6d1faa12788fac1  gimp-devel-1.2.3-20.3.el3.s390.rpm
dd3c3fc0b295595507d8c8db00ffdd40  gimp-perl-1.2.3-20.3.el3.s390.rpm

s390x:
01ac5181771dd81fd88378722a6761b1  gimp-1.2.3-20.3.el3.s390x.rpm
cf212f9c88c83f584097d605a2a15695  gimp-devel-1.2.3-20.3.el3.s390x.rpm
795508a2557affb14131c4330e4aeb3d  gimp-perl-1.2.3-20.3.el3.s390x.rpm

x86_64:
9eebd91187a8401d2756a788823d0579  gimp-1.2.3-20.3.el3.x86_64.rpm
41677a3d8111c2e3d307d27682536ebe  gimp-devel-1.2.3-20.3.el3.x86_64.rpm
d64a7bdc6176162af70fbd8828bf4a59  gimp-perl-1.2.3-20.3.el3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
628a5da1aa08808f9cf02a718375b44b  gimp-1.2.3-20.3.el3.src.rpm

i386:
13140abb55f29c2903ba030a7515ceca  gimp-1.2.3-20.3.el3.i386.rpm
00d44401b093381e7fe9f7a7e4fe538b  gimp-devel-1.2.3-20.3.el3.i386.rpm
5aaf87d39b48fc1bcc88c284d345fe95  gimp-perl-1.2.3-20.3.el3.i386.rpm

x86_64:
9eebd91187a8401d2756a788823d0579  gimp-1.2.3-20.3.el3.x86_64.rpm
41677a3d8111c2e3d307d27682536ebe  gimp-devel-1.2.3-20.3.el3.x86_64.rpm
d64a7bdc6176162af70fbd8828bf4a59  gimp-perl-1.2.3-20.3.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
628a5da1aa08808f9cf02a718375b44b  gimp-1.2.3-20.3.el3.src.rpm

i386:
13140abb55f29c2903ba030a7515ceca  gimp-1.2.3-20.3.el3.i386.rpm
00d44401b093381e7fe9f7a7e4fe538b  gimp-devel-1.2.3-20.3.el3.i386.rpm
5aaf87d39b48fc1bcc88c284d345fe95  gimp-perl-1.2.3-20.3.el3.i386.rpm

ia64:
339b4d9408a6652d1f10d3fd62913f43  gimp-1.2.3-20.3.el3.ia64.rpm
160508261f440049c5b81ed65607c720  gimp-devel-1.2.3-20.3.el3.ia64.rpm
fd4cd72ce75c406be79600628e46d23e  gimp-perl-1.2.3-20.3.el3.ia64.rpm

x86_64:
9eebd91187a8401d2756a788823d0579  gimp-1.2.3-20.3.el3.x86_64.rpm
41677a3d8111c2e3d307d27682536ebe  gimp-devel-1.2.3-20.3.el3.x86_64.rpm
d64a7bdc6176162af70fbd8828bf4a59  gimp-perl-1.2.3-20.3.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
628a5da1aa08808f9cf02a718375b44b  gimp-1.2.3-20.3.el3.src.rpm

i386:
13140abb55f29c2903ba030a7515ceca  gimp-1.2.3-20.3.el3.i386.rpm
00d44401b093381e7fe9f7a7e4fe538b  gimp-devel-1.2.3-20.3.el3.i386.rpm
5aaf87d39b48fc1bcc88c284d345fe95  gimp-perl-1.2.3-20.3.el3.i386.rpm

ia64:
339b4d9408a6652d1f10d3fd62913f43  gimp-1.2.3-20.3.el3.ia64.rpm
160508261f440049c5b81ed65607c720  gimp-devel-1.2.3-20.3.el3.ia64.rpm
fd4cd72ce75c406be79600628e46d23e  gimp-perl-1.2.3-20.3.el3.ia64.rpm

x86_64:
9eebd91187a8401d2756a788823d0579  gimp-1.2.3-20.3.el3.x86_64.rpm
41677a3d8111c2e3d307d27682536ebe  gimp-devel-1.2.3-20.3.el3.x86_64.rpm
d64a7bdc6176162af70fbd8828bf4a59  gimp-perl-1.2.3-20.3.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
c2d079b69ba7d801722f1dba2e8aa702  gimp-2.0.5-6.2.el4.src.rpm

i386:
17bf32b584894c88e0533a3174a337cc  gimp-2.0.5-6.2.el4.i386.rpm
09b8904b0105f00f97631d3796a1f11e  gimp-debuginfo-2.0.5-6.2.el4.i386.rpm
79e75155d8ff7178220f4b7864ab7c2f  gimp-devel-2.0.5-6.2.el4.i386.rpm

ia64:
9fea9f68af78aa7cf583afde155f1c7f  gimp-2.0.5-6.2.el4.ia64.rpm
c718157fc4aafd6d31e3bbd51d965620  gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm
27d0ed385ec4a2e3e909fd3ddf5eb569  gimp-devel-2.0.5-6.2.el4.ia64.rpm

ppc:
87c99ee64f7263215efc94f3a83b05ab  gimp-2.0.5-6.2.el4.ppc.rpm
b65b4f61ad6f9b35da7da7ab967acc7a  gimp-debuginfo-2.0.5-6.2.el4.ppc.rpm
6c0ee6f355b56f0b29579b1c63ce7bd0  gimp-devel-2.0.5-6.2.el4.ppc.rpm

s390:
8e921086dcc89637a7354275d0840f76  gimp-2.0.5-6.2.el4.s390.rpm
7a3dc1731478a28bdd55097199a7b8c3  gimp-debuginfo-2.0.5-6.2.el4.s390.rpm
eec02110fa45ca82545e6c7f85d3b035  gimp-devel-2.0.5-6.2.el4.s390.rpm

s390x:
1a5c29254802f52fdf8ae5013ebb108f  gimp-2.0.5-6.2.el4.s390x.rpm
2c0adb5e806fb2bed676df740002b946  gimp-debuginfo-2.0.5-6.2.el4.s390x.rpm
605af1137f9615cd88e29a6269318946  gimp-devel-2.0.5-6.2.el4.s390x.rpm

x86_64:
a6cf7ee69ae6d356e74afc272dc63a5c  gimp-2.0.5-6.2.el4.x86_64.rpm
8b5a416e565136a7790b79e45d39fe48  gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm
40652baa1aff3c0efb7f926e681f0e05  gimp-devel-2.0.5-6.2.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
c2d079b69ba7d801722f1dba2e8aa702  gimp-2.0.5-6.2.el4.src.rpm

i386:
17bf32b584894c88e0533a3174a337cc  gimp-2.0.5-6.2.el4.i386.rpm
09b8904b0105f00f97631d3796a1f11e  gimp-debuginfo-2.0.5-6.2.el4.i386.rpm
79e75155d8ff7178220f4b7864ab7c2f  gimp-devel-2.0.5-6.2.el4.i386.rpm

x86_64:
a6cf7ee69ae6d356e74afc272dc63a5c  gimp-2.0.5-6.2.el4.x86_64.rpm
8b5a416e565136a7790b79e45d39fe48  gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm
40652baa1aff3c0efb7f926e681f0e05  gimp-devel-2.0.5-6.2.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
c2d079b69ba7d801722f1dba2e8aa702  gimp-2.0.5-6.2.el4.src.rpm

i386:
17bf32b584894c88e0533a3174a337cc  gimp-2.0.5-6.2.el4.i386.rpm
09b8904b0105f00f97631d3796a1f11e  gimp-debuginfo-2.0.5-6.2.el4.i386.rpm
79e75155d8ff7178220f4b7864ab7c2f  gimp-devel-2.0.5-6.2.el4.i386.rpm

ia64:
9fea9f68af78aa7cf583afde155f1c7f  gimp-2.0.5-6.2.el4.ia64.rpm
c718157fc4aafd6d31e3bbd51d965620  gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm
27d0ed385ec4a2e3e909fd3ddf5eb569  gimp-devel-2.0.5-6.2.el4.ia64.rpm

x86_64:
a6cf7ee69ae6d356e74afc272dc63a5c  gimp-2.0.5-6.2.el4.x86_64.rpm
8b5a416e565136a7790b79e45d39fe48  gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm
40652baa1aff3c0efb7f926e681f0e05  gimp-devel-2.0.5-6.2.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
c2d079b69ba7d801722f1dba2e8aa702  gimp-2.0.5-6.2.el4.src.rpm

i386:
17bf32b584894c88e0533a3174a337cc  gimp-2.0.5-6.2.el4.i386.rpm
09b8904b0105f00f97631d3796a1f11e  gimp-debuginfo-2.0.5-6.2.el4.i386.rpm
79e75155d8ff7178220f4b7864ab7c2f  gimp-devel-2.0.5-6.2.el4.i386.rpm

ia64:
9fea9f68af78aa7cf583afde155f1c7f  gimp-2.0.5-6.2.el4.ia64.rpm
c718157fc4aafd6d31e3bbd51d965620  gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm
27d0ed385ec4a2e3e909fd3ddf5eb569  gimp-devel-2.0.5-6.2.el4.ia64.rpm

x86_64:
a6cf7ee69ae6d356e74afc272dc63a5c  gimp-2.0.5-6.2.el4.x86_64.rpm
8b5a416e565136a7790b79e45d39fe48  gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm
40652baa1aff3c0efb7f926e681f0e05  gimp-devel-2.0.5-6.2.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
3aff337157820bf5faa7c31760c04ed5  gimp-2.2.13-2.el5.src.rpm

i386:
4c1b0b02ec6428aada52013cf05d29ef  gimp-2.2.13-2.el5.i386.rpm
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
5567e2d201941af307f0f17c227dea51  gimp-libs-2.2.13-2.el5.i386.rpm

x86_64:
3156ef0de40c15fd2c25c2b0953d0229  gimp-2.2.13-2.el5.x86_64.rpm
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
2efecf64bb603936ccf7ea15e4445682  gimp-debuginfo-2.2.13-2.el5.x86_64.rpm
5567e2d201941af307f0f17c227dea51  gimp-libs-2.2.13-2.el5.i386.rpm
1b919169721eacfa8e2c0cfed85d2156  gimp-libs-2.2.13-2.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
3aff337157820bf5faa7c31760c04ed5  gimp-2.2.13-2.el5.src.rpm

i386:
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
6dc9224fa3ffb16f222000a06949c2a1  gimp-devel-2.2.13-2.el5.i386.rpm

x86_64:
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
2efecf64bb603936ccf7ea15e4445682  gimp-debuginfo-2.2.13-2.el5.x86_64.rpm
6dc9224fa3ffb16f222000a06949c2a1  gimp-devel-2.2.13-2.el5.i386.rpm
8c7c94f6807b3285199b1b8cd0f36b9a  gimp-devel-2.2.13-2.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
3aff337157820bf5faa7c31760c04ed5  gimp-2.2.13-2.el5.src.rpm

i386:
4c1b0b02ec6428aada52013cf05d29ef  gimp-2.2.13-2.el5.i386.rpm
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
6dc9224fa3ffb16f222000a06949c2a1  gimp-devel-2.2.13-2.el5.i386.rpm
5567e2d201941af307f0f17c227dea51  gimp-libs-2.2.13-2.el5.i386.rpm

ia64:
2d675c2e14fd63cd4f6e905b9bf43bea  gimp-2.2.13-2.el5.ia64.rpm
faaaf9c9ef8170fa53622b306dfc6ee1  gimp-debuginfo-2.2.13-2.el5.ia64.rpm
67e29ec03af2e11ff14abc2b431c4b1f  gimp-devel-2.2.13-2.el5.ia64.rpm
25decd1e09041303865465183340e152  gimp-libs-2.2.13-2.el5.ia64.rpm

ppc:
e9ab4fee6740062ec93ddd700f60cdd8  gimp-2.2.13-2.el5.ppc.rpm
ecf5681bbff643f793a19f0e7d484a6d  gimp-debuginfo-2.2.13-2.el5.ppc.rpm
e5443537d52eff22c417fcb70ba8be83  gimp-debuginfo-2.2.13-2.el5.ppc64.rpm
b0a8fcaa207c0ae08dea9cb32fe0e741  gimp-devel-2.2.13-2.el5.ppc.rpm
4a2478d4fc5883a437aa61dee3814235  gimp-devel-2.2.13-2.el5.ppc64.rpm
ce0ec287ccfcf0c649b26cbfb56a44d2  gimp-libs-2.2.13-2.el5.ppc.rpm
6431b4ad67303429111d738f474656b3  gimp-libs-2.2.13-2.el5.ppc64.rpm

s390x:
fb75c32f23593f270257e800d1da4466  gimp-2.2.13-2.el5.s390x.rpm
3f8295a5c93c4a7b5d9f5b22c43c8c70  gimp-debuginfo-2.2.13-2.el5.s390.rpm
de605de5302415b3e162038a09e0482a  gimp-debuginfo-2.2.13-2.el5.s390x.rpm
e438b01aece2f6431f2f896becec188c  gimp-devel-2.2.13-2.el5.s390.rpm
1e2ffeb7d4218aa0ccd20cd40a3a61f2  gimp-devel-2.2.13-2.el5.s390x.rpm
f408afe8501bd1c1a4cf58a5e9d8116b  gimp-libs-2.2.13-2.el5.s390.rpm
a0c438772547eb9a6671af35da6a23f4  gimp-libs-2.2.13-2.el5.s390x.rpm

x86_64:
3156ef0de40c15fd2c25c2b0953d0229  gimp-2.2.13-2.el5.x86_64.rpm
0a83e5c7ba24e7c23ac36f1afd70bf4a  gimp-debuginfo-2.2.13-2.el5.i386.rpm
2efecf64bb603936ccf7ea15e4445682  gimp-debuginfo-2.2.13-2.el5.x86_64.rpm
6dc9224fa3ffb16f222000a06949c2a1  gimp-devel-2.2.13-2.el5.i386.rpm
8c7c94f6807b3285199b1b8cd0f36b9a  gimp-devel-2.2.13-2.el5.x86_64.rpm
5567e2d201941af307f0f17c227dea51  gimp-libs-2.2.13-2.el5.i386.rpm
1b919169721eacfa8e2c0cfed85d2156  gimp-libs-2.2.13-2.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
