Home / vulnerabilitiesPDF  

MDKSA-2006-198.txt

Posted on 07 November 2006
Source : packetstormsecurity.org Link

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:198
http://www.mandriva.com/security/
_______________________________________________________________________

Package : imlib2
Date : November 6, 2006
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

M Joonas Pihlaja discovered several vulnerabilities in the Imlib2
graphics library.

The load() function of several of the Imlib2 image loaders does not
check the width and height of an image before allocating memory. As a
result, a carefully crafted image file can trigger a segfault when an
application using Imlib2 attempts to view the image. (CVE-2006-4806)

The tga loader fails to bounds check input data to make sure the input
data doesn't load outside the memory mapped region. (CVE-2006-4807)

The RLE decoding loops of the load() function in the tga loader does
not check that the count byte of an RLE packet doesn't cause a heap
overflow of the pixel buffer. (CVE-2006-4808)

The load() function of the pnm loader writes arbitrary length user data
into a fixed size stack allocated buffer buf[] without bounds checking.
(CVE-2006-4809) Updated packages have been patched to correct these
issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
61a92ac496821d914751fe183b099263 2006.0/i586/imlib2-data-1.2.1-1.2.20060mdk.i586.rpm
a0a74f3117aa9702068aae1c6e1f0215 2006.0/i586/libimlib2_1-1.2.1-1.2.20060mdk.i586.rpm
971783221a16e7afbd9b6142aab4de35 2006.0/i586/libimlib2_1-devel-1.2.1-1.2.20060mdk.i586.rpm
41b4415dfb63f51b6f5f980ef58f685f 2006.0/i586/libimlib2_1-filters-1.2.1-1.2.20060mdk.i586.rpm
69ad32ff42eeef614c23bb419a0eaf3e 2006.0/i586/libimlib2_1-loaders-1.2.1-1.2.20060mdk.i586.rpm
1188a1e19ae5d8563ae2a325d3ea987f 2006.0/SRPMS/imlib2-1.2.1-1.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
5a4980871ffe61c3882c41533c13b97a 2006.0/x86_64/imlib2-data-1.2.1-1.2.20060mdk.x86_64.rpm
c4531cab09bd2e5d6653df5969f7981c 2006.0/x86_64/lib64imlib2_1-1.2.1-1.2.20060mdk.x86_64.rpm
d7531e7c9c3620fa35b05d5415a9676b 2006.0/x86_64/lib64imlib2_1-devel-1.2.1-1.2.20060mdk.x86_64.rpm
ff216ddb7de205c49faf18b9e435821c 2006.0/x86_64/lib64imlib2_1-filters-1.2.1-1.2.20060mdk.x86_64.rpm
e669ec08c9fce8a583e28f29b28d9e66 2006.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.2.20060mdk.x86_64.rpm
1188a1e19ae5d8563ae2a325d3ea987f 2006.0/SRPMS/imlib2-1.2.1-1.2.20060mdk.src.rpm

Mandriva Linux 2007.0:
adf7ed6fccaddac90171085ece7daf20 2007.0/i586/imlib2-data-1.2.2-3.1mdv2007.0.i586.rpm
b03291bafed20868ba340925ff9ecef2 2007.0/i586/libimlib2_1-1.2.2-3.1mdv2007.0.i586.rpm
4cfd43e98f2866b5d57750f4f6c45663 2007.0/i586/libimlib2_1-devel-1.2.2-3.1mdv2007.0.i586.rpm
99231eaa46f95b43fbef8be44ee36193 2007.0/i586/libimlib2_1-filters-1.2.2-3.1mdv2007.0.i586.rpm
5ff7de44c82d49ebf5be654bf0effe50 2007.0/i586/libimlib2_1-loaders-1.2.2-3.1mdv2007.0.i586.rpm
99ad9ff6aaddce3d73bc8a47d2bb73ea 2007.0/SRPMS/imlib2-1.2.2-3.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
604bf6917fd4413a204695fb65c15110 2007.0/x86_64/imlib2-data-1.2.2-3.1mdv2007.0.x86_64.rpm
b3f8bb8fc561b4d0d48fb6b7640a3b84 2007.0/x86_64/lib64imlib2_1-1.2.2-3.1mdv2007.0.x86_64.rpm
af12fa122091d2ccdafdd21416df3309 2007.0/x86_64/lib64imlib2_1-devel-1.2.2-3.1mdv2007.0.x86_64.rpm
85e4911818f812c2ddc99d3cf62f3df0 2007.0/x86_64/lib64imlib2_1-filters-1.2.2-3.1mdv2007.0.x86_64.rpm
0ed6d6cfe90315ca12405027f8031958 2007.0/x86_64/lib64imlib2_1-loaders-1.2.2-3.1mdv2007.0.x86_64.rpm
99ad9ff6aaddce3d73bc8a47d2bb73ea 2007.0/SRPMS/imlib2-1.2.2-3.1mdv2007.0.src.rpm

Corporate 3.0:
610276f332b6ce30ea2ada19b80bdb1f corporate/3.0/i586/libimlib2_1-1.0.6-4.3.C30mdk.i586.rpm
ce31f301a4cec25ba6a86732d6600805 corporate/3.0/i586/libimlib2_1-devel-1.0.6-4.3.C30mdk.i586.rpm
f178557deeda2fa53f08481985aeee99 corporate/3.0/i586/libimlib2_1-filters-1.0.6-4.3.C30mdk.i586.rpm
b9165cc9a103e80e13cd4835c5874a54 corporate/3.0/i586/libimlib2_1-loaders-1.0.6-4.3.C30mdk.i586.rpm
4b5f84a49162012ca7cee030566c0461 corporate/3.0/SRPMS/imlib2-1.0.6-4.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
a37ad5a95f5a3519e2f3090b71f9de99 corporate/3.0/x86_64/lib64imlib2_1-1.0.6-4.3.C30mdk.x86_64.rpm
148ab2ef27ed87405a29b0a394827887 corporate/3.0/x86_64/lib64imlib2_1-devel-1.0.6-4.3.C30mdk.x86_64.rpm
ef6ffbe6ea2ec16d714a6a4261e9bce6 corporate/3.0/x86_64/lib64imlib2_1-filters-1.0.6-4.3.C30mdk.x86_64.rpm
9a7d3ee335ba971731ef1230927fad88 corporate/3.0/x86_64/lib64imlib2_1-loaders-1.0.6-4.3.C30mdk.x86_64.rpm
4b5f84a49162012ca7cee030566c0461 corporate/3.0/SRPMS/imlib2-1.0.6-4.3.C30mdk.src.rpm

Corporate 4.0:
dd7675dc08d6ed462d9f9fee4450815e corporate/4.0/i586/imlib2-data-1.2.1-1.2.20060mlcs4.i586.rpm
8285e3db5134485c0cfacbcebfa21389 corporate/4.0/i586/libimlib2_1-1.2.1-1.2.20060mlcs4.i586.rpm
2baef0ec63ad09924239a67e9d5baf35 corporate/4.0/i586/libimlib2_1-devel-1.2.1-1.2.20060mlcs4.i586.rpm
a30ffb7bcdaba5cec2d7cd1723c71a1a corporate/4.0/i586/libimlib2_1-filters-1.2.1-1.2.20060mlcs4.i586.rpm
b4ec86646ebf5aa73311ad7aeb2117c2 corporate/4.0/i586/libimlib2_1-loaders-1.2.1-1.2.20060mlcs4.i586.rpm
f324a900203b4ba24b4e098f2cd15f69 corporate/4.0/SRPMS/imlib2-1.2.1-1.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
a7f9c11f9cf129e153877dd7a9456b3e corporate/4.0/x86_64/imlib2-data-1.2.1-1.2.20060mlcs4.x86_64.rpm
aa3126674dc6a3570de937e94bc51943 corporate/4.0/x86_64/lib64imlib2_1-1.2.1-1.2.20060mlcs4.x86_64.rpm
187f51f0f84ba40258da7646992a38df corporate/4.0/x86_64/lib64imlib2_1-devel-1.2.1-1.2.20060mlcs4.x86_64.rpm
7e8303c8b70fcc89e1c88e5d3fb61233 corporate/4.0/x86_64/lib64imlib2_1-filters-1.2.1-1.2.20060mlcs4.x86_64.rpm
c888c645504811b52b240d473ad4e23f corporate/4.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.2.20060mlcs4.x86_64.rpm
f324a900203b4ba24b4e098f2cd15f69 corporate/4.0/SRPMS/imlib2-1.2.1-1.2.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFT8UQmqjQ0CJFipgRAj8YAJ4zYoGmi8C8O1p7BBodV15DZENY1wCg3fC5
MQoP0SzIZIBRYkDM41xyPEs=
=qOQe
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 

TOP