MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2005:069 - Updated gdk-pixbuf packages fix vulnerability
From: Mandrakelinux Security Team <security@xxxxxxxxxxxxxxxxxx>
Date: Thu, 07 Apr 2005 16:47:15 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           gdk-pixbuf
 Advisory ID:            MDKSA-2005:069
 Date:                   April 7th, 2005

 Affected versions:      10.0, 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A bug was discovered in the way that gdk-pixbuf processes BMP images
 which could allow for a specially crafted BMP to cause a Denial of
 Service attack on applications linked against gdk-pixbuf.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 f430b445e8a76a05376b65d8bcf085b9  
10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.i586.rpm
 0e87d2d409375ccb4d900dd4f360efa1  
10.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.i586.rpm
 5332504ce51f46a200869595c1a0e859  
10.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.100mdk.i586.rpm
 6d8075217b6d323a5ade36f02d110015  
10.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.100mdk.i586.rpm
 fc8ea48179e55758f2432d9360f50627  
10.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.100mdk.i586.rpm
 bc8962a581d9df3bfcd6449c98651e6c  
10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 fbd1ddbf1d5a20166a0f5197107c2018  
amd64/10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.100mdk.amd64.rpm
 19ea3305f0672cfef258b8d9070ebcb2  
amd64/10.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.100mdk.amd64.rpm
 cd48bd19cc3dcf7efc044e3f8d6714bf  
amd64/10.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.100mdk.amd64.rpm
 4a39a2ccfe011df57c87902a255e2665  
amd64/10.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.100mdk.amd64.rpm
 7cda46391c609bc960ae64b80e89015b  
amd64/10.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.100mdk.amd64.rpm
 bc8962a581d9df3bfcd6449c98651e6c  
amd64/10.0/SRPMS/gdk-pixbuf-0.22.0-2.3.100mdk.src.rpm

 Mandrakelinux 10.1:
 0fbccd1cdae7c75775faf437cdf47dd6  
10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.i586.rpm
 dd160afc8f5a9b5e90b3ee9953eb79aa  
10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
 4144e66108cf882dd3f4f1bf4bce2ff2  
10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
 8bbed60b2e8298474f40d29d90858dc5  
10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
 0c3a28830681cb6409b8e43e3acc5bab  
10.1/RPMS/libgdk-pixbuf2-devel-0.22.0-5.1.101mdk.i586.rpm
 d106ccd550bf9d9e32ee279eed8a5eba  
10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7590453088477646d32207678c74aebb  
x86_64/10.1/RPMS/gdk-pixbuf-loaders-0.22.0-5.1.101mdk.x86_64.rpm
 dd160afc8f5a9b5e90b3ee9953eb79aa  
x86_64/10.1/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.i586.rpm
 4144e66108cf882dd3f4f1bf4bce2ff2  
x86_64/10.1/RPMS/libgdk-pixbuf-xlib2-0.22.0-5.1.101mdk.i586.rpm
 8bbed60b2e8298474f40d29d90858dc5  
x86_64/10.1/RPMS/libgdk-pixbuf2-0.22.0-5.1.101mdk.i586.rpm
 2249305133157e4df30e4dccd15953c8  
x86_64/10.1/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-5.1.101mdk.x86_64.rpm
 db79c2089feb5dec9bce76e3475b08a7  
x86_64/10.1/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-5.1.101mdk.x86_64.rpm
 f84a8a50bc36072dbb157a1097f0d949  
x86_64/10.1/RPMS/lib64gdk-pixbuf2-0.22.0-5.1.101mdk.x86_64.rpm
 3259e21f008ae6f7895e0c22196bfb76  
x86_64/10.1/RPMS/lib64gdk-pixbuf2-devel-0.22.0-5.1.101mdk.x86_64.rpm
 d106ccd550bf9d9e32ee279eed8a5eba  
x86_64/10.1/SRPMS/gdk-pixbuf-0.22.0-5.1.101mdk.src.rpm

 Corporate 3.0:
 451bbbd4bd336dee287fba9b29f635e4  
corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.i586.rpm
 acb446883025bdf03429fecd7123f867  
corporate/3.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.i586.rpm
 5c9ef2fcd3a3d290898478832583c98f  
corporate/3.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.i586.rpm
 f111de3c371cbb9b7f9d93cdee94250f  
corporate/3.0/RPMS/libgdk-pixbuf2-0.22.0-2.3.C30mdk.i586.rpm
 1a17bf4e8148d703b543d7cc6548aae4  
corporate/3.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.3.C30mdk.i586.rpm
 39a9fe79245f9bc8ea83e24ae1d34041  
corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e97d3b46e21b4de9d31af7bdd9cf7e73  
x86_64/corporate/3.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.3.C30mdk.x86_64.rpm
 b0a897d394be8925adacb37d705b6f37  
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.3.C30mdk.x86_64.rpm
 103253c83fa7b9c79f121157615c3c08  
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.3.C30mdk.x86_64.rpm
 6b0d14a317df8bb09866dc287ff06692  
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.3.C30mdk.x86_64.rpm
 90004b32575925d0721668317b40a8c7  
x86_64/corporate/3.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.3.C30mdk.x86_64.rpm
 39a9fe79245f9bc8ea83e24ae1d34041  
x86_64/corporate/3.0/SRPMS/gdk-pixbuf-0.22.0-2.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCVbhzmqjQ0CJFipgRAsqdAKCrmknhRmBqVGEKHNdDt0geJBhuxgCfVEjW
L94SvoG/PVU6ZaDJzRF+C6Y=
=ZNyw
-----END PGP SIGNATURE-----

Prev by Date: MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability
Next by Date: phpBB Upload Script "up.php" Arbitrary File Upload
Previous by thread: MDKSA-2005:068 - Updated gtk+2.0 packages fix vulnerability
Next by thread: phpBB Upload Script "up.php" Arbitrary File Upload
Index(es):
- Date
- Thread