===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2004.0574 -- RHSA-2004:447-02
Updated gdk-pixbuf packages fix security flaws
16 September 2004
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           gdk-pixbuf
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux AS/ES/WS 3
                   Red Hat Desktop version 3
                   Red Hat Enterprise Linux AS/ES/WS 2.1
                   Red Hat Linux Advanced Workstation 2.1
                   Linux variants
Impact:            Execute Arbitrary Code/Commands
                   Denial of Service
Access:            Remote/Unauthenticated
CVE Names:         CAN-2004-0788 CAN-2004-0783 CAN-2004-0782
                   CAN-2004-0753 CAN-2004-0691
Ref:               ESB-2004.0199

--------------------------BEGIN INCLUDED TEXT--------------------

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:          Updated gdk-pixbuf packages fix security flaws
Advisory ID:       RHSA-2004:447-02
Issue date:        2004-09-15
Updated on:        2004-09-15
Product:           Red Hat Enterprise Linux
Obsoletes:         RHSA-2004:103
CVE Names:         CAN-2004-0753 CAN-2004-0782 CAN-2004-0783 CAN-2004-0788
---------------------------------------------------------------------

1. Summary:

Updated gdk-pixbuf packages that fix several security flaws are now
available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.

[Updated 15th September 2004]
Packages have been updated to correct a bug which caused the xpm loader
to fail.

During testing of a previously fixed flaw in Qt (CAN-2004-0691), a flaw was
discovered in the BMP image processor of gdk-pixbuf. An attacker could
create a carefully crafted BMP file which would cause an application to
enter an infinite loop and not respond to user input when the file was
opened by a victim. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0753 to this issue.

During a security audit, Chris Evans discovered a stack and a heap overflow
in the XPM image decoder. An attacker could create a carefully crafted XPM
file which could cause an application linked with gtk2 to crash or possibly
execute arbitrary code when the file was opened by a victim.
(CAN-2004-0782, CAN-2004-0783)

Chris Evans also discovered an integer overflow in the ICO image decoder.
An attacker could create a carefully crafted ICO file which could cause an
application linked with gtk2 to crash when the file is opened by a victim.
(CAN-2004-0788)

These packages have also been updated to correct a bug which caused the xpm
loader to fail.

Users of gdk-pixbuf are advised to upgrade to these packages, which
contain backported patches and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

130455 - CAN-2004-0753 bmp image loader DOS
130711 - CAN-2004-0782/3/8 GTK XPM decoder issues

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

ia64:
gdk-pixbuf-0.22.0-11.2.2E.ia64.rpm
gdk-pixbuf-devel-0.22.0-11.2.2E.ia64.rpm
gdk-pixbuf-gnome-0.22.0-11.2.2E.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm

ia64:
gdk-pixbuf-0.22.0-11.2.2E.ia64.rpm
gdk-pixbuf-devel-0.22.0-11.2.2E.ia64.rpm
gdk-pixbuf-gnome-0.22.0-11.2.2E.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
gdk-pixbuf-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

ppc:
gdk-pixbuf-0.22.0-11.3.3.ppc.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.ppc.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.ppc.rpm

s390:
gdk-pixbuf-0.22.0-11.3.3.s390.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.s390.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.s390.rpm

s390x:
gdk-pixbuf-0.22.0-11.3.3.s390x.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.s390x.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.s390x.rpm

x86_64:
gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
gdk-pixbuf-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

x86_64:
gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
gdk-pixbuf-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

x86_64:
gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
gdk-pixbuf-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

x86_64:
gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://bugzilla.gnome.org/show_bug.cgi?id=150601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

    http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

    http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
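
Added example (not part of the Red Hat or AusCERT text): a fleet check that flags hosts whose gdk-pixbuf packages are older than the fixed builds listed in section 6 of the advisory. It uses a simplified form of rpm's version comparison (no epoch, tilde or caret handling); the FIXED keys, host names and the older builds in SAMPLE are constructed for illustration.

```python
import re

# Fixed builds from section 6 of the advisory, keyed by product version.
FIXED = {"2.1": ("0.22.0", "11.2.2E"), "3": ("0.22.0", "11.3.3")}

def vercmp(a, b):
    """Simplified rpmvercmp: returns -1, 0 or 1 (no epoch/tilde/caret)."""
    # rpm compares maximal runs of digits or letters; separators are skipped.
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)              # numeric runs compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1    # a numeric run beats a letter run
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(product, version, release):
    """True when version-release is at or above the fixed build."""
    fixed_version, fixed_release = FIXED[product]
    c = vercmp(version, fixed_version)
    return c > 0 or (c == 0 and vercmp(release, fixed_release) >= 0)

def audit(inventory):
    """Return (host, package) pairs that still need the update."""
    findings = []
    for host, product, nvr in inventory:
        name, version, release = nvr.rsplit("-", 2)
        if name.startswith("gdk-pixbuf") and not is_patched(product, version, release):
            findings.append((host, nvr))
    return findings

# Constructed inventory: (host, product version, name-version-release as
# printed by `rpm -q`). Hosts and the older builds are made up.
SAMPLE = [
    ("ws01", "3", "gdk-pixbuf-0.22.0-11.3.3"),
    ("ws02", "3", "gdk-pixbuf-0.22.0-6.1.1"),
    ("as01", "2.1", "gdk-pixbuf-gnome-0.22.0-11.2.2E"),
    ("as02", "2.1", "gdk-pixbuf-devel-0.18.0-8"),
    ("db01", "3", "glibc-2.3.2-95.20"),
]

if __name__ == "__main__":
    for host, nvr in audit(SAMPLE):
        print(f"{host}: {nvr} predates the fixed build")
```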