Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2004.0765 -- RHSA-2004:651-01 Updated imlib packages fix security vulnerabilities 13 December 2004 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: imlib Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 3 Red Hat Desktop version 3 Red Hat Enterprise Linux AS/ES/WS 2.1 Red Hat Linux Advanced Workstation 2.1 Linux variants UNIX variants Impact: Execute Arbitrary Code/Commands Access: Remote/Unauthenticated CVE Names: CAN-2004-1026 CAN-2004-1025 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2004-651.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated imlib packages fix security vulnerabilities Advisory ID: RHSA-2004:651-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2004-651.html Issue date: 2004-12-10 Updated on: 2004-12-10 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1025 CAN-2004-1026 - - --------------------------------------------------------------------- 1. Summary: Updated imlib packages that fix several integer and buffer overflows are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The imlib packages contain an image loading and rendering library. Pavel Kankovsky discovered several heap overflow flaws that were found in the imlib image handler. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1025 to this issue. Additionally, Pavel discovered several integer overflow flaws that were found in the imlib image handler. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code or crash when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1026 to this issue. Users of imlib should update to these updated packages, which contain backported patches and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 138516 - CAN-2004-1025 Multiple imlib issues. (CAN-2004-1026) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/imlib-1.9.13-4.3.src.rpm 0a3c30ebe7c7bf1144a5d87762d5b691 imlib-1.9.13-4.3.src.rpm i386: a2efcd78207a9773eb0bd31293aa7b24 imlib-1.9.13-4.3.i386.rpm f05e36c23fcfdc326d1734aaf50fa33c imlib-cfgeditor-1.9.13-4.3.i386.rpm ee58781e3e6820560b55b03554a7eab2 imlib-devel-1.9.13-4.3.i386.rpm ia64: d6d1ce616e19fbbec8cf3b2f06527a2c imlib-1.9.13-4.3.ia64.rpm 79a9a717343e73a44efa4198fd8f3856 imlib-cfgeditor-1.9.13-4.3.ia64.rpm 0c87e24aba22c5ebceb6f9f409ba091c imlib-devel-1.9.13-4.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/imlib-1.9.13-4.3.src.rpm 0a3c30ebe7c7bf1144a5d87762d5b691 imlib-1.9.13-4.3.src.rpm ia64: d6d1ce616e19fbbec8cf3b2f06527a2c imlib-1.9.13-4.3.ia64.rpm 79a9a717343e73a44efa4198fd8f3856 imlib-cfgeditor-1.9.13-4.3.ia64.rpm 0c87e24aba22c5ebceb6f9f409ba091c imlib-devel-1.9.13-4.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/imlib-1.9.13-4.3.src.rpm 0a3c30ebe7c7bf1144a5d87762d5b691 imlib-1.9.13-4.3.src.rpm i386: a2efcd78207a9773eb0bd31293aa7b24 imlib-1.9.13-4.3.i386.rpm f05e36c23fcfdc326d1734aaf50fa33c imlib-cfgeditor-1.9.13-4.3.i386.rpm ee58781e3e6820560b55b03554a7eab2 imlib-devel-1.9.13-4.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/imlib-1.9.13-4.3.src.rpm 0a3c30ebe7c7bf1144a5d87762d5b691 imlib-1.9.13-4.3.src.rpm i386: a2efcd78207a9773eb0bd31293aa7b24 imlib-1.9.13-4.3.i386.rpm f05e36c23fcfdc326d1734aaf50fa33c imlib-cfgeditor-1.9.13-4.3.i386.rpm ee58781e3e6820560b55b03554a7eab2 imlib-devel-1.9.13-4.3.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/imlib-1.9.13-13.4.src.rpm eedcdc9bc78a0736a6db342fb7e064aa imlib-1.9.13-13.4.src.rpm i386: 72fad28d75c5beff7140dbe63f33e0b8 imlib-1.9.13-13.4.i386.rpm 286302f2e3965d419772b800436e23cc imlib-devel-1.9.13-13.4.i386.rpm ia64: 03d29e218ff542afbea20c1b1332c1ae imlib-1.9.13-13.4.ia64.rpm f1a6d86e5bfb55d0efa3c48cdb6e5e60 imlib-devel-1.9.13-13.4.ia64.rpm ppc: 31e11d994855fe92c394929384ec9b45 imlib-1.9.13-13.4.ppc.rpm 90c3a55b2256f0900e2612ec97059151 imlib-devel-1.9.13-13.4.ppc.rpm s390: d51f954de49bafd895a65894e1b808e8 imlib-1.9.13-13.4.s390.rpm bb4c9944ea49a8c3d865ce2bf7ea4037 imlib-devel-1.9.13-13.4.s390.rpm s390x: e932b3c7a39871a5c95db3392fe72c65 imlib-1.9.13-13.4.s390x.rpm 6aae3cebfbdba66a864d6c8e73f76cdb imlib-devel-1.9.13-13.4.s390x.rpm x86_64: 207c7bd9f6f3790c8c39a4cd5be65e3d imlib-1.9.13-13.4.x86_64.rpm 3d2517a397c7e91399e9fe1364740503 imlib-devel-1.9.13-13.4.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/imlib-1.9.13-13.4.src.rpm eedcdc9bc78a0736a6db342fb7e064aa imlib-1.9.13-13.4.src.rpm i386: 72fad28d75c5beff7140dbe63f33e0b8 imlib-1.9.13-13.4.i386.rpm 286302f2e3965d419772b800436e23cc imlib-devel-1.9.13-13.4.i386.rpm x86_64: 207c7bd9f6f3790c8c39a4cd5be65e3d imlib-1.9.13-13.4.x86_64.rpm 3d2517a397c7e91399e9fe1364740503 imlib-devel-1.9.13-13.4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/imlib-1.9.13-13.4.src.rpm eedcdc9bc78a0736a6db342fb7e064aa imlib-1.9.13-13.4.src.rpm i386: 72fad28d75c5beff7140dbe63f33e0b8 imlib-1.9.13-13.4.i386.rpm 286302f2e3965d419772b800436e23cc imlib-devel-1.9.13-13.4.i386.rpm ia64: 03d29e218ff542afbea20c1b1332c1ae imlib-1.9.13-13.4.ia64.rpm f1a6d86e5bfb55d0efa3c48cdb6e5e60 imlib-devel-1.9.13-13.4.ia64.rpm x86_64: 207c7bd9f6f3790c8c39a4cd5be65e3d imlib-1.9.13-13.4.x86_64.rpm 3d2517a397c7e91399e9fe1364740503 imlib-devel-1.9.13-13.4.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/imlib-1.9.13-13.4.src.rpm eedcdc9bc78a0736a6db342fb7e064aa imlib-1.9.13-13.4.src.rpm i386: 72fad28d75c5beff7140dbe63f33e0b8 imlib-1.9.13-13.4.i386.rpm 286302f2e3965d419772b800436e23cc imlib-devel-1.9.13-13.4.i386.rpm ia64: 03d29e218ff542afbea20c1b1332c1ae imlib-1.9.13-13.4.ia64.rpm f1a6d86e5bfb55d0efa3c48cdb6e5e60 imlib-devel-1.9.13-13.4.ia64.rpm x86_64: 207c7bd9f6f3790c8c39a4cd5be65e3d imlib-1.9.13-13.4.x86_64.rpm 3d2517a397c7e91399e9fe1364740503 imlib-devel-1.9.13-13.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact.html Copyright 2004 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBudLyXlSAg2UNWIIRAnPRAJ9U5+PSSClN0rQgDLsk6IrZs4NiWACeOgzv 3dTiiqthTyohvlXiAYPwVOY= =Nxga - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQbziNih9+71yA2DNAQIpQQP9Fl3xim/UUZvaHIs/DfxTldA4VAaoeU8a xfqLX0orysl0KJfrHI4m0tuaPIPiJI8gIdrWBNQgDKww15iLp9lYckebzkGCYewp NzS0lK/KMTCy6jsd49JtZX7EKhipF8LUyd+wQewPJGH2dc1bKRbQ5ZXHG/x268GN J9+z1vjAgf0= =cnVa -----END PGP SIGNATURE-----