--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2564
2007-10-18 02:25:19.358078
--------------------------------------------------------------------------------
Name        : tk
Product     : Fedora 7
Version     : 8.4.13
Release     : 6.fc7
URL         : https://tcl.sourceforge.net/
Summary     : The graphical toolkit for the Tcl scripting language
Description :
When paired with the Tcl scripting language, Tk provides a fast and powerful
way to create cross-platform GUI applications.

--------------------------------------------------------------------------------
Update Information:

Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) before 8.4.16 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 15 2007 Marcela Maslanova  - 1:8.4.13-6
- CVE-2007-5137 gif buffer overflow
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-5137
--------------------------------------------------------------------------------
Updated packages:

This update can be installed with the "yum" update program.  Use 
su -c 'yum update tk' 
at the command line.  For more information, refer to "Managing Software
with yum", available at .
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 7 Update: tk-8.4.13-6.fc7

October 17, 2007