-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:156 http://www.mandriva.com/security/ _______________________________________________________________________ Package : imlib2 Date : August 10, 2007 Affected: 2007.1 _______________________________________________________________________ Problem Description: M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. (CVE-2006-4806) The tga loader fails to bounds check input data to make sure the input data doesn load outside the memory mapped region. (CVE-2006-4807) The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet doesn cause a heap overflow of the pixel buffer. (CVE-2006-4808) The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking. (CVE-2006-4809) Updated packages have been patched to prevent these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: 93fb0190586a7d3cea1fdebd2f64fd9d 2007.1/i586/imlib2-data-1.2.2-3.1mdv2007.1.i586.rpm 31eeeba69830afe5c38d8109636d6c69 2007.1/i586/libimlib2_1-1.2.2-3.1mdv2007.1.i586.rpm d2d8be16f67dde3b7f504749bf9c890c 2007.1/i586/libimlib2_1-devel-1.2.2-3.1mdv2007.1.i586.rpm a3ea749502e4182b4395fc69d8930b62 2007.1/i586/libimlib2_1-filters-1.2.2-3.1mdv2007.1.i586.rpm 5875424ff95bba848d26994445c26072 2007.1/i586/libimlib2_1-loaders-1.2.2-3.1mdv2007.1.i586.rpm 16807bb6a2de35737fc362f88d525fa4 2007.1/SRPMS/imlib2-1.2.2-3.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: f5bcf12f3d6f900643bf8e4f73a365bf 2007.1/x86_64/imlib2-data-1.2.2-3.1mdv2007.1.x86_64.rpm 9ed2f086037513d7da5433e93846df70 2007.1/x86_64/lib64imlib2_1-1.2.2-3.1mdv2007.1.x86_64.rpm e178a706ae10d9f5cd3b727cd105eaae 2007.1/x86_64/lib64imlib2_1-devel-1.2.2-3.1mdv2007.1.x86_64.rpm 7957c0ddb6cd1a3cf5161005ec661236 2007.1/x86_64/lib64imlib2_1-filters-1.2.2-3.1mdv2007.1.x86_64.rpm 765d9d53ddf0b9ec81f6ec4e3fb12338 2007.1/x86_64/lib64imlib2_1-loaders-1.2.2-3.1mdv2007.1.x86_64.rpm 16807bb6a2de35737fc362f88d525fa4 2007.1/SRPMS/imlib2-1.2.2-3.1mdv2007.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGvMCfmqjQ0CJFipgRAgzxAJ9VXVAjHYkrmN7YWZrAIV2N/btFCACdE3oc rZAHK7PeIVpM9IRw14YB9TA= =8DKs -----END PGP SIGNATURE-----
