Jump to content

updated gdk-pixbuf and gtk-2 packages

mystified

By mystified
in Mandriva Security Advisories

 Share

Recommended Posts

mystified Platinum

mystified

Posted
Posted

Mandrakesoft Security Advisories

 

Package name gdk-pixbuf/gtk+2

Date September 17th, 2004

Advisory ID MDKSA-2004:095-1

Affected versions 9.2, 10.0

Synopsis Updated gdk-pixbuf and gtk+2 packages fix image loading vulnerabilities

 

 

Problem Description

 

A vulnerability was found in the gdk-pixbug bmp loader where a bad BMP image could send the bmp loader into an infinite loop (CAN-2004-0753).

 

Chris Evans found a heap-based overflow and a stack-based overflow in the xpm loader of gdk-pixbuf (CAN-2004-0782 and CAN-2004-0783).

 

Chris Evans also discovered an integer overflow in the ico loader of gdk-pixbuf (CAN-2004-0788).

 

All four problems have been corrected in these updated packages.

 

Update:

 

The previous package had an incorrect patch applied that would cause some problems with other programs. The updated packages have the correct patch applied.

 

As well, patched gtk+2 packages, which also contain gdk-pixbuf, are now provided.

 

 

Updated Packages

 

 

Mandrakelinux 9.2

 

bf8f3710f9792ea4a3129410afbf1cda 9.2/RPMS/gdk-pixbuf-loaders-0.22.0-2.2.92mdk.i586.rpm

2ab77930f412c6f3a0373134b24b1165 9.2/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.2.92mdk.i586.rpm

0a4c0705ff1c118424b1570a9b2acc2f 9.2/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.2.92mdk.i586.rpm

95d4691c391b146db6ff14619dd53227 9.2/RPMS/libgdk-pixbuf2-0.22.0-2.2.92mdk.i586.rpm

020d320f39d69ce1e3b340938eac0256 9.2/RPMS/libgdk-pixbuf2-devel-0.22.0-2.2.92mdk.i586.rpm

a7f6afac10617f2171f8a796987ba0fb 9.2/SRPMS/gdk-pixbuf-0.22.0-2.2.92mdk.src.rpm

328642197df7603b7ff700d3b5ca12cf 9.2/RPMS/gtk+2.0-2.2.4-2.1.92mdk.i586.rpm

1650e731804b10685bb1b0ccf101b389 9.2/RPMS/libgdk_pixbuf2.0_0-2.2.4-2.1.92mdk.i586.rpm

5722237cd995567e4ed3be4139d9d96d 9.2/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-2.1.92mdk.i586.rpm

f26d81eed60057e456fffe42a9a01437 9.2/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-2.1.92mdk.i586.rpm

daa0ca425129e332476c4fc8f9709ff1 9.2/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-2.1.92mdk.i586.rpm

da70d8bdacb5c1d2e9d301a389ddb82e 9.2/RPMS/libgtk+-x11-2.0_0-2.2.4-2.1.92mdk.i586.rpm

8a66354ff887f9d280681759734509c0 9.2/RPMS/libgtk+2.0_0-2.2.4-2.1.92mdk.i586.rpm

d0c7f1573d1e3368814ec9c35ea6dd5a 9.2/RPMS/libgtk+2.0_0-devel-2.2.4-2.1.92mdk.i586.rpm

5dc4e93ced7632259aaf1278c38dd347 9.2/SRPMS/gtk+2.0-2.2.4-2.1.92mdk.src.rpm

 

Mandrakelinux 9.2/AMD64

 

e6fa6dcf9860cbcde2d2dda9414e22a8 amd64/9.2/RPMS/gdk-pixbuf-loaders-0.22.0-2.2.92mdk.amd64.rpm

182bd59ea26eb0ea4b93bf880bb97be4 amd64/9.2/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.2.92mdk.amd64.rpm

d10c1f03a8f14a6604ec6d5f2df9d5f1 amd64/9.2/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.2.92mdk.amd64.rpm

b424932876f00a98b9c4b2722b97473e amd64/9.2/RPMS/lib64gdk-pixbuf2-0.22.0-2.2.92mdk.amd64.rpm

81dfec9c414854253d54bbac2565dfb1 amd64/9.2/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.2.92mdk.amd64.rpm

a7f6afac10617f2171f8a796987ba0fb amd64/9.2/SRPMS/gdk-pixbuf-0.22.0-2.2.92mdk.src.rpm

a090868933ecbda11441f81abea5f39b amd64/9.2/RPMS/gtk+2.0-2.2.4-2.1.92mdk.amd64.rpm

e0c151dc3a22cb61f39a3686e0389432 amd64/9.2/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-2.1.92mdk.amd64.rpm

1e427925b97e0200fe0908fee1516ad7 amd64/9.2/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-2.1.92mdk.amd64.rpm

74574e4676ce7322f1dcca7c602f56e6 amd64/9.2/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-2.1.92mdk.amd64.rpm

59907a6229374428927b54d2fedeb78c amd64/9.2/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-2.1.92mdk.amd64.rpm

d161e7dab4e9dc17ecc4fa6cbdc24ecb amd64/9.2/RPMS/lib64gtk+-x11-2.0_0-2.2.4-2.1.92mdk.amd64.rpm

03eb76253ed818631a08fd8474c8a351 amd64/9.2/RPMS/lib64gtk+2.0_0-2.2.4-2.1.92mdk.amd64.rpm

8990247a796b55339d5b1b1237b06c97 amd64/9.2/RPMS/lib64gtk+2.0_0-devel-2.2.4-2.1.92mdk.amd64.rpm

5dc4e93ced7632259aaf1278c38dd347 amd64/9.2/SRPMS/gtk+2.0-2.2.4-2.1.92mdk.src.rpm

 

Mandrakelinux 10.0

 

8e876939c906d6f9dd26df036c7034c1 10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.2.100mdk.i586.rpm

ee4ccc32d2c7d17ad602ba391c1c46ff 10.0/RPMS/libgdk-pixbuf-gnomecanvas1-0.22.0-2.2.100mdk.i586.rpm

b1e29d741dfd0b4db56085e346663d66 10.0/RPMS/libgdk-pixbuf-xlib2-0.22.0-2.2.100mdk.i586.rpm

acd358e06b571209fa07ed81d6f08c6f 10.0/RPMS/libgdk-pixbuf2-0.22.0-2.2.100mdk.i586.rpm

6f866e24c433387958ff737bcdf5e424 10.0/RPMS/libgdk-pixbuf2-devel-0.22.0-2.2.100mdk.i586.rpm

d8083e6a741ba196202b3beba6ec6533 10.0/SRPMS/gdk-pixbuf-0.22.0-2.2.100mdk.src.rpm

d49f667b621b191ef971380f46323fb3 10.0/RPMS/gtk+2.0-2.2.4-10.1.100mdk.i586.rpm

b6582a8ad1236a1d69bdbdbe5188234a 10.0/RPMS/libgdk_pixbuf2.0_0-2.2.4-10.1.100mdk.i586.rpm

3eca5e1e74c3cda7cd8e5344388c47d2 10.0/RPMS/libgdk_pixbuf2.0_0-devel-2.2.4-10.1.100mdk.i586.rpm

3803aa8ad8bf2cfa552e8dc3035d529a 10.0/RPMS/libgtk+-linuxfb-2.0_0-2.2.4-10.1.100mdk.i586.rpm

141d8446994456d82389932eeffe33cf 10.0/RPMS/libgtk+-linuxfb-2.0_0-devel-2.2.4-10.1.100mdk.i586.rpm

56f8b5bb0aeaaeccd582250868008695 10.0/RPMS/libgtk+-x11-2.0_0-2.2.4-10.1.100mdk.i586.rpm

a56a6e8aecb12b48b0f9de75d987a035 10.0/RPMS/libgtk+2.0_0-2.2.4-10.1.100mdk.i586.rpm

690b201975e573c5467a6767fb349beb 10.0/RPMS/libgtk+2.0_0-devel-2.2.4-10.1.100mdk.i586.rpm

80b1d38274cffc8796e5a3ab205f3e7d 10.0/SRPMS/gtk+2.0-2.2.4-10.1.100mdk.src.rpm

 

Mandrakelinux 10.0/AMD64

 

3205a9334ed0de43d3d5c26a2294e800 amd64/10.0/RPMS/gdk-pixbuf-loaders-0.22.0-2.2.100mdk.amd64.rpm

924018f6f4abe98841068c1708229e09 amd64/10.0/RPMS/lib64gdk-pixbuf-gnomecanvas1-0.22.0-2.2.100mdk.amd64.rpm

5a14fee773367fc440566e7922a09579 amd64/10.0/RPMS/lib64gdk-pixbuf-xlib2-0.22.0-2.2.100mdk.amd64.rpm

13b76036783088ade2f56b697cc8c2ac amd64/10.0/RPMS/lib64gdk-pixbuf2-0.22.0-2.2.100mdk.amd64.rpm

f8375076c5c0de45494b717fc86f7c97 amd64/10.0/RPMS/lib64gdk-pixbuf2-devel-0.22.0-2.2.100mdk.amd64.rpm

d8083e6a741ba196202b3beba6ec6533 amd64/10.0/SRPMS/gdk-pixbuf-0.22.0-2.2.100mdk.src.rpm

b5dc1e354716a812c2b1eaffb69029f9 amd64/10.0/RPMS/gtk+2.0-2.2.4-10.1.100mdk.amd64.rpm

ddcf934113e300381b3f0311cd7df849 amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-2.2.4-10.1.100mdk.amd64.rpm

b003aa7e7f825327a6e2b18d0be53fb1 amd64/10.0/RPMS/lib64gdk_pixbuf2.0_0-devel-2.2.4-10.1.100mdk.amd64.rpm

1f6b5579bf13a04eefa01686feec455f amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-2.2.4-10.1.100mdk.amd64.rpm

ce660c9b9e0111a0fef8178732d4f614 amd64/10.0/RPMS/lib64gtk+-linuxfb-2.0_0-devel-2.2.4-10.1.100mdk.amd64.rpm

cb3e62c954221b745bb0dc0288674f3f amd64/10.0/RPMS/lib64gtk+-x11-2.0_0-2.2.4-10.1.100mdk.amd64.rpm

546d7b306fb21cd6cc15eb9fc383a2d0 amd64/10.0/RPMS/lib64gtk+2.0_0-2.2.4-10.1.100mdk.amd64.rpm

3c3c00ceb1235d58e6f6b9e6bbe9044a amd64/10.0/RPMS/lib64gtk+2.0_0-devel-2.2.4-10.1.100mdk.amd64.rpm

80b1d38274cffc8796e5a3ab205f3e7d amd64/10.0/SRPMS/gtk+2.0-2.2.4-10.1.100mdk.src.rpm

 

References

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788

 

 

Upgrade

 

 

To upgrade automatically, use MandrakeUpdate.

 

Verification

 

 

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

 

rpm --checksig package.rpm

 

 

You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM.

 

If you use MandrakeUpdate, the verification of

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...