aru Posted October 28, 2005 Report Share Posted October 28, 2005 Mandriva Security Advisories MDKSA-2005:199 : netpbm Updated netpbm packages fix pnmtopng vulnerabilities October 26th, 2005 Pnmtopng in netpbm 10.2X, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack. Netpbm 9.2X is not affected by this vulnerability. The updated packages have been patched to correct this problem. The released versions of Mandriva GNU/Linux affected are: 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:199 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts