RHSA-2005:343-01: Important: gdk-pixbuf security update
Posted on: 04/05/2005 11:25 AM

gdk-pixbuf security updates are available for Red Hat Enterprise Linux 2.1, 3, and 4

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: gdk-pixbuf security update
Advisory ID: RHSA-2005:343-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-343.html
Issue date: 2005-04-05
Updated on: 2005-04-05
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0891
----------------------------------------------------------------------

1. Summary:

Updated gdk-pixbuf packages that fix a double free vulnerability are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack on applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue.

Users of gdk-pixbuf are advised to upgrade to these packages, which contain a backported patch and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

152315 - CAN-2005-0891 gdk-pixbuf BMP double free DoS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

ia64:
f6c266be7bb786fcaa6a7025719bd74f gdk-pixbuf-0.22.0-12.el2.ia64.rpm
6d344d3c48fac3320b5c7b4c34a28018 gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
f6cfeb5bcf4e5da379fc8dd31811224d gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

ia64:
f6c266be7bb786fcaa6a7025719bd74f gdk-pixbuf-0.22.0-12.el2.ia64.rpm
6d344d3c48fac3320b5c7b4c34a28018 gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
f6cfeb5bcf4e5da379fc8dd31811224d gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.src.rpm
cd150c0707736057ed148da2f4f716c8 gdk-pixbuf-0.22.0-12.el2.src.rpm

i386:
7dfdd5d16a91e64380970e56d490c471 gdk-pixbuf-0.22.0-12.el2.i386.rpm
be7486b35d88c407fef24c541e525dc1 gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
9af7825523aeeff36cb7633e3cdc4403 gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

ppc:
dcde354069b804f3b32855b53915e2f0 gdk-pixbuf-0.22.0-12.el3.ppc.rpm
0cdbb62e276af7694d007568070c87ff gdk-pixbuf-0.22.0-12.el3.ppc64.rpm
f1a2be2fee1859d6f70d5747b8823706 gdk-pixbuf-devel-0.22.0-12.el3.ppc.rpm
d1e0b31da885fd13c984f03b1a6cf92f gdk-pixbuf-gnome-0.22.0-12.el3.ppc.rpm

s390:
22877fb2b5a75cdcdf523ab4585fd2c7 gdk-pixbuf-0.22.0-12.el3.s390.rpm
a4acd9d3eb0eb28836fcc360e76f1122 gdk-pixbuf-devel-0.22.0-12.el3.s390.rpm
6b2ed0bcdb22c2253988e8b99926a533 gdk-pixbuf-gnome-0.22.0-12.el3.s390.rpm

s390x:
17a78e9783fb3d9fb966c90d15052889 gdk-pixbuf-0.22.0-12.el3.s390x.rpm
22877fb2b5a75cdcdf523ab4585fd2c7 gdk-pixbuf-0.22.0-12.el3.s390.rpm
d720e8670862c620fa40860ae9ff58cc gdk-pixbuf-devel-0.22.0-12.el3.s390x.rpm
edb7f22d7e8a37e7659d21a1f1b1357a gdk-pixbuf-gnome-0.22.0-12.el3.s390x.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el3.src.rpm
976b86cf75b4e7a59bceee5b4edc9a97 gdk-pixbuf-0.22.0-12.el3.src.rpm

i386:
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
f865db4cd92f7395a9ef0769d6fd3c08 gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
c1d243418786af9aa77f93343feb4e9c gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm

ia64:
41f620654091eee65af1e2a7caa4c629 gdk-pixbuf-0.22.0-12.el3.ia64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
e88d2b283b5ba14c9e17cf0fa0ff5632 gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
d0747f8cc77eff6781978f265417ed09 gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm

x86_64:
c1b4180a28bf65b5133c5eefa24b93a0 gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
2ffc1b52012b1f299c8d08519a669d88 gdk-pixbuf-0.22.0-12.el3.i386.rpm
205637111511ee684cee2a7f55faa0f1 gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
d6f7574029cdbdf29136463bf8034266 gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

ppc:
67814460f4036204f6a6061239d8748f gdk-pixbuf-0.22.0-16.el4.ppc.rpm
3c01305b14fa397a13b6e3faea132bd0 gdk-pixbuf-0.22.0-16.el4.ppc64.rpm
1e85a9e6c3c78def4fdaaa07f5b4fe3c gdk-pixbuf-devel-0.22.0-16.el4.ppc.rpm

s390:
1864bf760c9f2dcbe7983df29099a225 gdk-pixbuf-0.22.0-16.el4.s390.rpm
ed820e2cb04141a57ac381bca8d6332a gdk-pixbuf-devel-0.22.0-16.el4.s390.rpm

s390x:
a3f558d6b7370c864a6771412d1a2513 gdk-pixbuf-0.22.0-16.el4.s390x.rpm
1864bf760c9f2dcbe7983df29099a225 gdk-pixbuf-0.22.0-16.el4.s390.rpm
3c11f5939e9ac8d2e6eb5e6177b733d8 gdk-pixbuf-devel-0.22.0-16.el4.s390x.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gdk-pixbuf-0.22.0-16.el4.src.rpm
d1ebd19ea75268ebcc3f06824a4a572c gdk-pixbuf-0.22.0-16.el4.src.rpm

i386:
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c8072476dff533717a389f6fb32f978d gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm

ia64:
7ff5fe095b30974df15e143b0d7e929e gdk-pixbuf-0.22.0-16.el4.ia64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
be7e5e039520062ff027c2f482728fde gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm

x86_64:
61f8e510098ebd12f32a7e479d0026d7 gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
0871d792413b0c21bd4fff8a142bebb1 gdk-pixbuf-0.22.0-16.el4.i386.rpm
c94e5cee6ee5c19dd49f7371e8fddb78 gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0891

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_2005343_01_important_gdk_pixbuf_security_update.html)