Ubuntu: Gimp vulnerability
Posted by Benjamin D. Thomas   
It was discovered that Gimp did not correctly handle RAS image format color tables. By tricking a user into opening a specially crafted RAS file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges.
Ubuntu Security Notice USN-467-1               May 31, 2007
gimp vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gimp                                     2.2.11-1ubuntu3.2

Ubuntu 6.10:
  gimp                                     2.2.13-1ubuntu3.1

Ubuntu 7.04:
  gimp                                     2.2.13-1ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Gimp did not correctly handle RAS image format
color tables.  By tricking a user into opening a specially crafted RAS
file with Gimp, an attacker could exploit this to execute arbitrary code
with the user's privileges.

Updated packages for Ubuntu 6.06 LTS:


Updated packages for Ubuntu 6.10:


Updated packages for Ubuntu 7.04:

