--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-4594
2007-12-28 16:42:30
--------------------------------------------------------------------------------

Name        : imlib
Product     : Fedora 8
Version     : 1.9.15
Release     : 6.fc8
URL         : []
Summary     : An image loading and rendering library for X11R6
Description :
Imlib is a display depth independent image loading and rendering library.
Imlib is designed to simplify and speed up the process of loading images and
obtaining X Window System drawables. Imlib provides many simple manipulation
routines which can be used for common operations.

The imlib package also contains the imlib_config program, which you can use to
configure the Imlib image loading and rendering library. Imlib_config can be
used to control how Imlib uses color and handles gamma corrections, etc.

Install imlib if you need an image loading and rendering library for X11R6, or
if you are installing GNOME.

--------------------------------------------------------------------------------
Update Information:

This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a  specially-crafted BMP image could cause the user's CPU to go into an infinite loop.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 18 2007 Paul Howarth  1:1.9.15-6
- include patch to fix a DoS caused via a BMP image with a Bits Per Page (BPP)
  value of 0 (#426091, CVE-2007-3568); thanks to Peter Volkov at Gentoo for
  the heads-up
- remove URL tag; this legacy package has no active upstream source, and
  documentation for it is gradually disappearing from the Internet
* Wed Nov 28 2007 Adam Jackson  1:1.9.15-5
- imlib-1.9.15-check-for-shm-pixmaps.patch: MIT-SHM pixmaps are optional,
  so check that they exist before using them. (#357241)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #426091 - CVE-2007-3568 imlib: infinite loop DoS using crafted BMP image
        https://bugzilla.redhat.com/show_bug.cgi?id=426091
--------------------------------------------------------------------------------
Updated packages:

81993c0d805b221493bb24036ccae8e5209687d5 imlib-debuginfo-1.9.15-6.fc8.ppc64.rpm
e6d681cc1af89dce736be2876040805748aaefda imlib-devel-1.9.15-6.fc8.ppc64.rpm
55f4e7dc59b4ad327858af5741ed7a1ea7dbea84 imlib-1.9.15-6.fc8.ppc64.rpm
651d6e6b8639cfdee47a318538755694e0394275 imlib-debuginfo-1.9.15-6.fc8.i386.rpm
45a2b25a98ea786b0a9c2ae1007f132f74f7a7c2 imlib-devel-1.9.15-6.fc8.i386.rpm
41ed0ab7479a458b6e1d3b3e3b67d35310b3617d imlib-1.9.15-6.fc8.i386.rpm
d2251b17c23b1e21b00cd588da143356fddc95ab imlib-debuginfo-1.9.15-6.fc8.x86_64.rpm
22a12a4158488a7e196ebe6d84bee127e35ea5aa imlib-devel-1.9.15-6.fc8.x86_64.rpm
592a590e859912f9bada71b62c744d8177f5d75d imlib-1.9.15-6.fc8.x86_64.rpm
bedeec73d1bc9647bb592226cc23d21af1935f6a imlib-debuginfo-1.9.15-6.fc8.ppc.rpm
811539b74ad106b4161b54ebe4831ac6b66d2778 imlib-devel-1.9.15-6.fc8.ppc.rpm
6918dd5ca716ec05e8ce468cd11ce0feae3d39b0 imlib-1.9.15-6.fc8.ppc.rpm
a8f1978f1762fb9de957afc612b8f58df9f198f6 imlib-1.9.15-6.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update imlib' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce