aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Schulze <joey>2005-12-01 06:50:07 +0000
committerMartin Schulze <joey>2005-12-01 06:50:07 +0000
commitd82a5f2bd5b15c674129782846da3116a25637e6 (patch)
tree449f096bb2def4e18b5998647a470c5360bd33f2
parent3162b4228e0bde8ddcd9dfd2db117c8891d89998 (diff)
[DSA 913-1] New gdk-pixbuf packages fix several vulnerabilities
CVS version numbers english/security/2005/dsa-913.data: INITIAL -> 1.1 english/security/2005/dsa-913.wml: INITIAL -> 1.1
Diffstat
-rw-r--r--english/security/2005/dsa-913.data195
-rw-r--r--english/security/2005/dsa-913.wml59
2 files changed, 254 insertions, 0 deletions
diff --git a/english/security/2005/dsa-913.data b/english/security/2005/dsa-913.data
new file mode 100644
index 00000000000..35ca8b8cf41
--- /dev/null
+++ b/english/security/2005/dsa-913.data
@@ -0,0 +1,195 @@
+<define-tag pagetitle>DSA-913-1 gdk-pixbuf</define-tag>
+<define-tag report_date>2005-12-1</define-tag>
+<define-tag secrefs>CVE-2005-2975 CVE-2005-2976 CVE-2005-3186 BID15428 Bug#339431</define-tag>
+<define-tag packages>gdk-pixbuf</define-tag>
+<define-tag isvulnerable>yes</define-tag>
+<define-tag fixed>yes</define-tag>
+
+#use wml::debian::security
+
+<h3>Debian GNU/Linux 3.0 (woody)</h3>
+
+<dl>
+
+<dt><source />
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0-2woody3.dsc />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0-2woody3.diff.gz />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0.orig.tar.gz />
+
+<dt>Alpha:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_alpha.deb />
+
+<dt>ARM:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_arm.deb />
+
+<dt>Intel IA-32:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_i386.deb />
+
+<dt>Intel IA-64:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_ia64.deb />
+
+<dt>HPPA:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_hppa.deb />
+
+<dt>Motorola 680x0:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_m68k.deb />
+
+<dt>Big endian MIPS:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_mips.deb />
+
+<dt>Little endian MIPS:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_mipsel.deb />
+
+<dt>PowerPC:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_powerpc.deb />
+
+<dt>IBM S/390:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_s390.deb />
+
+<dt>Sun Sparc:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_sparc.deb />
+
+</dl>
+
+<h3>Debian GNU/Linux 3.1 (sarge)</h3>
+
+<dl>
+
+<dt><source />
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.dsc />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.diff.gz />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0.orig.tar.gz />
+
+<dt>Alpha:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_alpha.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_alpha.deb />
+
+<dt>AMD64:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_amd64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_amd64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_amd64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_amd64.deb />
+
+<dt>ARM:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_arm.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_arm.deb />
+
+<dt>Intel IA-32:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_i386.deb />
+
+<dt>Intel IA-64:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_ia64.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_ia64.deb />
+
+<dt>HPPA:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_hppa.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_hppa.deb />
+
+<dt>Motorola 680x0:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_m68k.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_m68k.deb />
+
+<dt>Big endian MIPS:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_mips.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_mips.deb />
+
+<dt>Little endian MIPS:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_mipsel.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_mipsel.deb />
+
+<dt>PowerPC:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_powerpc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_powerpc.deb />
+
+<dt>IBM S/390:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_s390.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_s390.deb />
+
+<dt>Sun Sparc:
+
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_sparc.deb />
+ <dd><fileurl http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_sparc.deb />
+
+</dl>
+
+<p><md5sums http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00314.html /></p>
diff --git a/english/security/2005/dsa-913.wml b/english/security/2005/dsa-913.wml
new file mode 100644
index 00000000000..c1888a33036
--- /dev/null
+++ b/english/security/2005/dsa-913.wml
@@ -0,0 +1,59 @@
+<define-tag description>several vulnerabilities</define-tag>
+<define-tag moreinfo>
+<p>Several vulnerabilities have been found in gdk-pixbuf, the Gtk+
+GdkPixBuf XPM image rendering library. The Common Vulnerabilities and
+Exposures project identifies the following problems:</p>
+
+<ul>
+
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975">CVE-2005-2975</a>
+
+ <p>Ludwig Nussel discovered an infinite loop when processing XPM
+ images that allows an attacker to cause a denial of service via a
+ specially crafted XPM file.</p></li>
+
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976">CVE-2005-2976</a>
+
+ <p>Ludwig Nussel discovered an integer overflow in the way XPM images
+ are processed that could lead to the execution of arbitrary code
+ or crash the application via a specially crafted XPM file.</p></li>
+
+<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186">CVE-2005-3186</a>
+
+ <p>"infamous41md" discovered an integer in the XPM processing routine
+ that can be used to execute arbitrary code via a traditional heap
+ overflow.</p>
+
+<p>The following matrix explains which versions fix these problems:</p>
+
+<div class="centerdiv">
+<table cellspacing=0 cellpadding=2>
+ <tr>
+ <th>&nbsp;</th>
+ <th>old stable (woody)</th>
+ <th>stable (sarge)</th>
+ <th>unstable (sid)</th>
+ </tr>
+ <tr>
+ <td>gdk-pixbuf</td>
+ <td>0.17.0-2woody3</td>
+ <td>0.22.0-8.1</td>
+ <td>0.22.0-11</td>
+ </tr>
+ <tr>
+ <td>gtk+2.0</td>
+ <td>2.0.2-5woody3</td>
+ <td>2.6.4-3.1</td>
+ <td>2.6.10-2</td>
+ </tr>
+ <tr>
+ </tr>
+</table>
+</div>
+
+<p>We recommend that you upgrade your gdk-pixbuf packages.</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2005/dsa-913.data"
+# $Id$

© 2014-2024 Faster IT GmbH | imprint | privacy policy