-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2004.0574 -- RHSA-2004:447-02
              Updated gdk-pixbuf packages fix security flaws
                             16 September 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                gdk-pixbuf
Publisher:              Red Hat
Operating System:       Red Hat Enterprise Linux AS/ES/WS 3
                        Red Hat Desktop version 3
                        Red Hat Enterprise Linux AS/ES/WS 2.1
                        Red Hat Linux Advanced Workstation 2.1
                        Linux variants
Impact:                 Execute Arbitrary Code/Commands
                        Denial of Service
Access:                 Remote/Unauthenticated
CVE Names:              CAN-2004-0788 CAN-2004-0783 CAN-2004-0782
                        CAN-2004-0753 CAN-2004-0691

Ref:                    ESB-2004.0199

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated gdk-pixbuf packages fix security flaws
Advisory ID:       RHSA-2004:447-02
Issue date:        2004-09-15
Updated on:        2004-09-15
Product:           Red Hat Enterprise Linux
Obsoletes:         RHSA-2004:103
CVE Names:         CAN-2004-0753 CAN-2004-0782 CAN-2004-0783 CAN-2004-0788
- - ---------------------------------------------------------------------

1. Summary:

Updated gdk-pixbuf packages that fix several security flaws are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.

[Updated 15th September 2004]
Packages have been updated to correct a bug which caused the xpm loader
to fail.

During testing of a previously fixed flaw in Qt (CAN-2004-0691), a flaw was
discovered in the BMP image processor of gdk-pixbuf.  An attacker could
create a carefully crafted BMP file which would cause an application
to enter an infinite loop and not respond to user input when the file was
opened by a victim.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0753 to this issue.

During a security audit, Chris Evans discovered a stack and a heap overflow
in the XPM image decoder. An attacker could create a carefully crafted XPM
file which could cause an application linked with gtk2 to crash or possibly
execute arbitrary code when the file was opened by a victim.
(CAN-2004-0782, CAN-2004-0783)

Chris Evans also discovered an integer overflow in the ICO image decoder.
An attacker could create a carefully crafted ICO file which could cause an
application linked with gtk2 to crash when the file is opened by a victim.
(CAN-2004-0788)

These packages have also been updated to correct a bug which caused the xpm
loader to fail.

Users of gdk-pixbuf are advised to upgrade to these packages, which
contain backported patches and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

130455 - CAN-2004-0753 bmp image loader DOS
130711 - CAN-2004-0782/3/8 GTK XPM decoder issues

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm
fda43700c69af3535e9d3bc9e6b4f1b9  gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
8334282664dfc3f87a377fbf7b733d41  gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
30dab937b29109544bcb0bf68d8b9fc0  gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
d1c6a6a7b4baa3219ac66040b684b133  gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

ia64:
68926c28e87cbbea60ce8eacb163c98e  gdk-pixbuf-0.22.0-11.2.2E.ia64.rpm
f0100561fb5c22ce3bf71dc08e7a88b9  gdk-pixbuf-devel-0.22.0-11.2.2E.ia64.rpm
0fa01166e066f322a78fc8e3b97085e9  gdk-pixbuf-gnome-0.22.0-11.2.2E.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm
fda43700c69af3535e9d3bc9e6b4f1b9  gdk-pixbuf-0.22.0-11.2.2E.src.rpm

ia64:
68926c28e87cbbea60ce8eacb163c98e  gdk-pixbuf-0.22.0-11.2.2E.ia64.rpm
f0100561fb5c22ce3bf71dc08e7a88b9  gdk-pixbuf-devel-0.22.0-11.2.2E.ia64.rpm
0fa01166e066f322a78fc8e3b97085e9  gdk-pixbuf-gnome-0.22.0-11.2.2E.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm
fda43700c69af3535e9d3bc9e6b4f1b9  gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
8334282664dfc3f87a377fbf7b733d41  gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
30dab937b29109544bcb0bf68d8b9fc0  gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
d1c6a6a7b4baa3219ac66040b684b133  gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.2.2E.src.rpm
fda43700c69af3535e9d3bc9e6b4f1b9  gdk-pixbuf-0.22.0-11.2.2E.src.rpm

i386:
8334282664dfc3f87a377fbf7b733d41  gdk-pixbuf-0.22.0-11.2.2E.i386.rpm
30dab937b29109544bcb0bf68d8b9fc0  gdk-pixbuf-devel-0.22.0-11.2.2E.i386.rpm
d1c6a6a7b4baa3219ac66040b684b133  gdk-pixbuf-gnome-0.22.0-11.2.2E.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm
adde2ead86237f92b7a346394dfb93bc  gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
92fadd028df0850e6b61e01b440ade70  gdk-pixbuf-0.22.0-11.3.3.i386.rpm
4c80a32cb8573720bdcc06b39475754f  gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
6e50dafb95a1efef5e3676663c38c0a0  gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
c50021c89b9369377247cf69141361bb  gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
d465a6ac9407dd1fc97f7336218b2350  gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
a925e983040b0cb85b7d3491d2928e1d  gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

ppc:
3464b39ac9ccca779f3b8b77ba3086d7  gdk-pixbuf-0.22.0-11.3.3.ppc.rpm
742f21c2cf58a00d2e4aecfc54c1cde8  gdk-pixbuf-devel-0.22.0-11.3.3.ppc.rpm
600e801b22806cfbc11d3d5b9f175624  gdk-pixbuf-gnome-0.22.0-11.3.3.ppc.rpm

s390:
d9ad5bb3ef55ef9a4d453091ea53d414  gdk-pixbuf-0.22.0-11.3.3.s390.rpm
90e70ff542f9b859d7ca586ea6aba099  gdk-pixbuf-devel-0.22.0-11.3.3.s390.rpm
0722d84359e5b752ae811d7db557c473  gdk-pixbuf-gnome-0.22.0-11.3.3.s390.rpm

s390x:
d787c1c1cec4ed5135066a3930cd6d05  gdk-pixbuf-0.22.0-11.3.3.s390x.rpm
9f0c0dd1515ae16c5596b0c23288701f  gdk-pixbuf-devel-0.22.0-11.3.3.s390x.rpm
f73fb0a596c337e6e3b4e4033df84989  gdk-pixbuf-gnome-0.22.0-11.3.3.s390x.rpm

x86_64:
0678c0efeb2cceae8fee9dbb8797f2af  gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
160fa97f945efec1ce56ea494541c520  gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
92b07889b33dc280fdb136b02325c53e  gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm
adde2ead86237f92b7a346394dfb93bc  gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
92fadd028df0850e6b61e01b440ade70  gdk-pixbuf-0.22.0-11.3.3.i386.rpm
4c80a32cb8573720bdcc06b39475754f  gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
6e50dafb95a1efef5e3676663c38c0a0  gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

x86_64:
0678c0efeb2cceae8fee9dbb8797f2af  gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
160fa97f945efec1ce56ea494541c520  gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
92b07889b33dc280fdb136b02325c53e  gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm
adde2ead86237f92b7a346394dfb93bc  gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
92fadd028df0850e6b61e01b440ade70  gdk-pixbuf-0.22.0-11.3.3.i386.rpm
4c80a32cb8573720bdcc06b39475754f  gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
6e50dafb95a1efef5e3676663c38c0a0  gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
c50021c89b9369377247cf69141361bb  gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
d465a6ac9407dd1fc97f7336218b2350  gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
a925e983040b0cb85b7d3491d2928e1d  gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

x86_64:
0678c0efeb2cceae8fee9dbb8797f2af  gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
160fa97f945efec1ce56ea494541c520  gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
92b07889b33dc280fdb136b02325c53e  gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gdk-pixbuf-0.22.0-11.3.3.src.rpm
adde2ead86237f92b7a346394dfb93bc  gdk-pixbuf-0.22.0-11.3.3.src.rpm

i386:
92fadd028df0850e6b61e01b440ade70  gdk-pixbuf-0.22.0-11.3.3.i386.rpm
4c80a32cb8573720bdcc06b39475754f  gdk-pixbuf-devel-0.22.0-11.3.3.i386.rpm
6e50dafb95a1efef5e3676663c38c0a0  gdk-pixbuf-gnome-0.22.0-11.3.3.i386.rpm

ia64:
c50021c89b9369377247cf69141361bb  gdk-pixbuf-0.22.0-11.3.3.ia64.rpm
d465a6ac9407dd1fc97f7336218b2350  gdk-pixbuf-devel-0.22.0-11.3.3.ia64.rpm
a925e983040b0cb85b7d3491d2928e1d  gdk-pixbuf-gnome-0.22.0-11.3.3.ia64.rpm

x86_64:
0678c0efeb2cceae8fee9dbb8797f2af  gdk-pixbuf-0.22.0-11.3.3.x86_64.rpm
160fa97f945efec1ce56ea494541c520  gdk-pixbuf-devel-0.22.0-11.3.3.x86_64.rpm
92b07889b33dc280fdb136b02325c53e  gdk-pixbuf-gnome-0.22.0-11.3.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://bugzilla.gnome.org/show_bug.cgi?id=150601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBSLVIXlSAg2UNWIIRAg1gAJ0eSKpsa4pvVxLcqairDQUKdPnr8ACfQIfs
Dzci1CmXK+5NXpJ+Dzho+Yc=
=u2bN
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQUj0ayh9+71yA2DNAQKSIAP+LJ/eNg09rK5xlvU+gfO4iB1LPGT2bcI3
ZtlKuyy5Znj6MJqn0cHDdzid9TtngrtN6WOc06P3mhTNkMgcmlD9ln294oM27F+1
dKN07ixjOcaipNrgVsZEeBXntZiFALbCI2iBOSlLpoCsIPoURdLf8Ng87MveIps9
DwSdXfdBE4o=
=5lK+
-----END PGP SIGNATURE-----