MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability
From: Mandrakelinux Security Team <security@xxxxxxxxxxxxxxxxxx>
Date: Thu, 07 Apr 2005 16:41:19 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           gtk+2.0
 Advisory ID:            MDKSA-2005:068
 Date:                   April 7th, 2005

 Affected versions:      10.0, 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A bug was discovered in the way that gtk+2.0 processes BMP images
 which could allow for a specially crafted BMP to cause a Denial of
 Service attack on applications linked against gtk+2.0.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 6ded91220f9da5195a7eb8bd29744ce5  10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.i586.rpm
 defbd824fdbceafb811c4a26804eea2d  
10.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.2.100mdk.i586.rpm
 fa164ed6e67c60abd8f9624715b06cef  
10.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 0a90ddf71f6e8bd8b70503a4bbe41f00  
10.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.i586.rpm
 5f9257920729f34f1657406ab69dd3fe  
10.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 ff6e8a3eb98537c53607275896788a6b  
10.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.2.100mdk.i586.rpm
 dcb5de61416c85a2680bfe331e12faf4  
10.0/RPMS/libgtk+2.0_0-2.2.4-10.2.100mdk.i586.rpm
 b5e1886ca33a99b7ea26ba65a634a171  
10.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.2.100mdk.i586.rpm
 8a7e5e9f6620200330f7800d65e02468  10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 3442a95e11299776193b69b6bc86513a  
amd64/10.0/RPMS/gtk+2.0-2.2.4-10.2.100mdk.amd64.rpm
 879dfefb728b1f04c5f5e0c049cb173b  
amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 c4ac90a0f8d987a825fb1f6732e14c57  
amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 554b74e447cda888be6ae8cb7e916761  
amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 c17c2e94111421bfd631adf517fc5b57  
amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 fd493ea1d4da40eedf305e2d558d41e6  
amd64/10.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 292e229535ee420bc8bbf7488225611a  
amd64/10.0/RPMS/lib64gtk+2.0_0-2.2.4-10.2.100mdk.amd64.rpm
 827a421ac971df39a90f47467195eb75  
amd64/10.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.2.100mdk.amd64.rpm
 8a7e5e9f6620200330f7800d65e02468  
amd64/10.0/SRPMS/gtk+2.0-2.2.4-10.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 63bdf92cde28cd4596862acb8303db89  10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.i586.rpm
 d0b44ebf0f5a32495164e3b95f836a1e  
10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
 b61a83a21d2af5f893d010687e4ba31c  
10.1/RPMS/libgdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
 79e3363764cd1e005c92217b1601410d  
10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
 db1d643a7c5e8c2ea9caf3a09b08ffd1  
10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
 825f54c99f3e0790fa563318eb0ad4f4  
10.1/RPMS/libgtk+2.0_0-devel-2.4.9-9.1.101mdk.i586.rpm
 73738f0963942b9266e0cb3ec2e7812b  10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 58f3b14ddf3174f282a7fcedd2291cb2  
x86_64/10.1/RPMS/gtk+2.0-2.4.9-9.1.101mdk.x86_64.rpm
 d0b44ebf0f5a32495164e3b95f836a1e  
x86_64/10.1/RPMS/libgdk_pixbuf2.0_0-2.4.9-9.1.101mdk.i586.rpm
 79e3363764cd1e005c92217b1601410d  
x86_64/10.1/RPMS/libgtk+-x11-2.0_0-2.4.9-9.1.101mdk.i586.rpm
 db1d643a7c5e8c2ea9caf3a09b08ffd1  
x86_64/10.1/RPMS/libgtk+2.0_0-2.4.9-9.1.101mdk.i586.rpm
 0a8969769eb5197c102f9c4e26de3c9d  
x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 8587febd8da71ae4ac0523f1bf3799ba  
x86_64/10.1/RPMS/lib64gdk_pixbuf2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
 81a6326dd657d99ee7dd7c0677fc8ff2  
x86_64/10.1/RPMS/lib64gtk+-x11-2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 777f9c5fc9d83748825e0e9af165c3e3  
x86_64/10.1/RPMS/lib64gtk+2.0_0-2.4.9-9.1.101mdk.x86_64.rpm
 72273e60a9ff32f874239d90d5cdfd24  
x86_64/10.1/RPMS/lib64gtk+2.0_0-devel-2.4.9-9.1.101mdk.x86_64.rpm
 73738f0963942b9266e0cb3ec2e7812b  
x86_64/10.1/SRPMS/gtk+2.0-2.4.9-9.1.101mdk.src.rpm

 Corporate 3.0:
 87c55c922e3fe5dce66fd619d6d94034  
corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.i586.rpm
 5bdfa2ded3da000da4d39c7bdb5a2edb  
corporate/3.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 e6e00410204aff942b57b4b42ce3708a  
corporate/3.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 7b714ac098a96754362d0e6e6b06d22a  
corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 4f13d0dd61a046297f8ced1e78496549  
corporate/3.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 5009d264352ec2f4710d4e2d198f5178  
corporate/3.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 70cc0d5faecb6ade7db357bd98ae2f2c  
corporate/3.0/RPMS/libgtk+2.0_0-2.2.4-10.3.C30mdk.i586.rpm
 fe6a4d000fb5af708fec694109e56339  
corporate/3.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.3.C30mdk.i586.rpm
 cb2b245a60da7db473b9d6f95596a8e8  
corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 62ba5850d9ce991c37b00d4f4c2423fc  
x86_64/corporate/3.0/RPMS/gtk+2.0-2.2.4-10.3.C30mdk.x86_64.rpm
 c3752c95681dba01c2862559099ae28c  
x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 c60a80e68525611932a2be6c5a224471  
x86_64/corporate/3.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 493ef92d6e50f9399303015c73d74bdd  
x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 0b60bc13179cb5563580bcfe78754065  
x86_64/corporate/3.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 93ca4819c1be2754e0b45fafebe12133  
x86_64/corporate/3.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 313c17b002cde662476654bca69a887b  
x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-2.2.4-10.3.C30mdk.x86_64.rpm
 730e178acc1c61b370490b7aaf71bb5f  
x86_64/corporate/3.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.3.C30mdk.x86_64.rpm
 cb2b245a60da7db473b9d6f95596a8e8  
x86_64/corporate/3.0/SRPMS/gtk+2.0-2.2.4-10.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCVbcPmqjQ0CJFipgRAgiaAKCLaa9bsCxjetQNQ46K4d3AcLe+kwCdFCuo
zTSJivJXoAzKnQyRC9GJtYU=
=DEei
-----END PGP SIGNATURE-----

Prev by Date: MacOSX Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability
Next by Date: MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability
Previous by thread: MacOSX Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability
Next by thread: MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability
Index(es):
- Date
- Thread