MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability
Date: 8 Sep 2004 01:35:25 -0000
From: Mandrake Linux Security Team <[email protected]>
To: [email protected]
Subject: MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: imlib2
Advisory ID: MDKSA-2004:089
Date: September 7th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Marcus Meissner discovered that the imlib and imlib2 libraries are
also affected with a similar BMP-related vulnerability as the recent
QT updates. The updated imlib and imlib2 packages are patched to
protect against this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
45c2e00642a3261e4f084327bde0759b 10.0/RPMS/imlib-1.9.14-8.1.100mdk.i586.rpm
76ee25761136e631bc099fd76da43080 10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.i586.rpm
09f1757ab48d983437b0d40acefcf646 10.0/RPMS/libimlib1-1.9.14-8.1.100mdk.i586.rpm
94567c151d4de01561681faac1f50cbb 10.0/RPMS/libimlib1-devel-1.9.14-8.1.100mdk.i586.rpm
0f82a3fda2a6d0d22c01f6b342521840 10.0/RPMS/libimlib2_1-1.0.6-4.1.100mdk.i586.rpm
538f333c36fc795d76889e708021378e 10.0/RPMS/libimlib2_1-devel-1.0.6-4.1.100mdk.i586.rpm
0f9e9d497591a5df950a47447a7a5295 10.0/RPMS/libimlib2_1-filters-1.0.6-4.1.100mdk.i586.rpm
44636a6d15888387fa665d1ee1891ec3 10.0/RPMS/libimlib2_1-loaders-1.0.6-4.1.100mdk.i586.rpm
00f1d3fd452e0fa6099d9f3cb6a1f1d3 10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm
c67b09002eb29fc6a3335467a098b0bd 10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
356ba1d0ed3b224dafc8aa935550f1c8 amd64/10.0/RPMS/imlib-1.9.14-8.1.100mdk.amd64.rpm
0020bc9b34df76ea0f5957586f4057ca amd64/10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.amd64.rpm
30b95081b048b4b2a16267e188adf06b amd64/10.0/RPMS/lib64imlib1-1.9.14-8.1.100mdk.amd64.rpm
b591c6da970481fdf0eb1737689e5b7c amd64/10.0/RPMS/lib64imlib1-devel-1.9.14-8.1.100mdk.amd64.rpm
7851372f5ca5ab3d249906dbd7431690 amd64/10.0/RPMS/lib64imlib2_1-1.0.6-4.1.100mdk.amd64.rpm
a66906219141ad3eaa156f4d2f18ad80 amd64/10.0/RPMS/lib64imlib2_1-devel-1.0.6-4.1.100mdk.amd64.rpm
6c086b3408883a5e05426327aa1cf020 amd64/10.0/RPMS/lib64imlib2_1-filters-1.0.6-4.1.100mdk.amd64.rpm
b017bad9400095893e8faf8456db2937 amd64/10.0/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.100mdk.amd64.rpm
00f1d3fd452e0fa6099d9f3cb6a1f1d3 amd64/10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm
c67b09002eb29fc6a3335467a098b0bd amd64/10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm
Corporate Server 2.1:
45155b9dc3c7ca0a08c6277f4d27d8ee corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.i586.rpm
dd7059319056c8f87e1d464ef04745fb corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.i586.rpm
4498f5b1821fe1c1aae742f3a97aa2b0 corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.i586.rpm
1f4019dccb0b2e027fd094fb5e079875 corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.i586.rpm
22aadbc163940e8ebecb5142b90a5f56 corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.i586.rpm
fd124ccb8b37c6f302405f059eec56da corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.i586.rpm
ab77824f06eaacfba54146ccb5f5a539 corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.i586.rpm
ba02b9c07de55f19df4d772b4b6dac39 corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.i586.rpm
efcdd5a520d8313c1e1e4ee46c3c6dd3 corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm
e4bb939ab61671005eec878af3733533 corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
f574361c2152d8dbbe39e67b752a0aae x86_64/corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.x86_64.rpm
084cf40c7fa5e3dbb3433091c902629d x86_64/corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.x86_64.rpm
87adccfd0de38af4bfac1746e87715fa x86_64/corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.x86_64.rpm
8627df2906d6f4a5e6d1062219d4a57d x86_64/corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.x86_64.rpm
9a8a30c93e69eea65f57ee33d5bbbc46 x86_64/corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.x86_64.rpm
c335f9793c4ae08a39e8181af4ed6349 x86_64/corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.x86_64.rpm
0702ec29b746e5446e03a74082120114 x86_64/corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.x86_64.rpm
9d3238eebc7cb6c7bde0c7d7e98a51c4 x86_64/corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.x86_64.rpm
efcdd5a520d8313c1e1e4ee46c3c6dd3 x86_64/corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm
e4bb939ab61671005eec878af3733533 x86_64/corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm
Mandrakelinux 9.2:
de030104e6dd6bb5c4aa2f076c4514c6 9.2/RPMS/imlib-1.9.14-8.1.92mdk.i586.rpm
fd99bd742d696ea8ac43aef9ee86d25e 9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.i586.rpm
b1ef54878da62d2e5a69bdf305c574c5 9.2/RPMS/libimlib1-1.9.14-8.1.92mdk.i586.rpm
08a13f893c88051cbc66c685d8cd635d 9.2/RPMS/libimlib1-devel-1.9.14-8.1.92mdk.i586.rpm
2e4efaa54b9929fbf2e0e390907b9225 9.2/RPMS/libimlib2_1-1.0.6-4.1.92mdk.i586.rpm
525c7dc281fb0da4edf99cb3ce7d2545 9.2/RPMS/libimlib2_1-devel-1.0.6-4.1.92mdk.i586.rpm
cc2460b560c5b11eeb804502954aa038 9.2/RPMS/libimlib2_1-filters-1.0.6-4.1.92mdk.i586.rpm
e80a879d5da05b68ef5d9cad932ba921 9.2/RPMS/libimlib2_1-loaders-1.0.6-4.1.92mdk.i586.rpm
7dd8f9265ede345c58d05ae6ed376145 9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm
0766a9aead77eec5cec8ebbc06504003 9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
4391a5aecba284eabf0337002fbb924c amd64/9.2/RPMS/imlib-1.9.14-8.1.92mdk.amd64.rpm
67ba3ab94dea87029de4a64620c4f066 amd64/9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.amd64.rpm
9edd6ec450997a5773919f8035e9b159 amd64/9.2/RPMS/lib64imlib1-1.9.14-8.1.92mdk.amd64.rpm
448531d483a3c6499bface39c4cb9dfb amd64/9.2/RPMS/lib64imlib1-devel-1.9.14-8.1.92mdk.amd64.rpm
9dc5a05d737d00c5a3a18b23de02c144 amd64/9.2/RPMS/lib64imlib2_1-1.0.6-4.1.92mdk.amd64.rpm
2bcca43ad1a5138f929ce78cd753100f amd64/9.2/RPMS/lib64imlib2_1-devel-1.0.6-4.1.92mdk.amd64.rpm
87cc1762967d2aefe5f46e43a2d546b2 amd64/9.2/RPMS/lib64imlib2_1-filters-1.0.6-4.1.92mdk.amd64.rpm
dbabc4165886cfeaa2c234ee7ed5b277 amd64/9.2/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.92mdk.amd64.rpm
7dd8f9265ede345c58d05ae6ed376145 amd64/9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm
0766a9aead77eec5cec8ebbc06504003 amd64/9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBPmHdmqjQ0CJFipgRAtrNAKCWhGfd/AmnMpvDOcqKiALeKFDeXwCeMcBO
GhwJ5+6DeKiIDuXHEs2o9TE=
=QiSZ
-----END PGP SIGNATURE-----