imlib security update
| Advisory: | RHSA-2004:465-08 |
|---|---|
| Type: | Security Advisory |
| Severity: | Important |
| Issued on: | 2004-09-15 |
| Last updated on: | 2004-09-15 |
| Affected Products: | Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor |
| CVEs (cve.mitre.org): |
CVE-2004-0817 |
Details
An updated imlib package that fixes several heap overflows is now available.
Imlib is an image loading and rendering library.
Several heap overflow flaws were found in the imlib BMP image handler. An
attacker could create a carefully crafted BMP file in such a way that it
could cause an application linked with imlib to execute arbitrary code when
the file was opened by a victim. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0817 to this issue.
Users of imlib should update to this updated package which contains
backported patches and is not vulnerable to this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
Updated packages
| Red Hat Desktop (v. 3) | |
| SRPMS: | |
| imlib-1.9.13-13.3.src.rpm File outdated by: RHSA-2004:651 |
MD5: 6b77190f47b54d9c4c8bfc59cb5c9a97 |
| IA-32: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-devel-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: fb55305b96a608e4a59d734f0c933505 |
| x86_64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: a541f53f7ae3b301598828d05014b46e |
| imlib-devel-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: ab80ef08fb5a847a729c8d69640c8366 |
| Red Hat Enterprise Linux AS (v. 2.1) | |
| SRPMS: | |
| imlib-1.9.13-4.2.src.rpm File outdated by: RHSA-2004:651 |
MD5: 70350a36d0e898640bf0370f74d26329 |
| IA-32: | |
| imlib-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 977d25ef2ed5d80a3d752bcc309dcea3 |
| imlib-cfgeditor-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 4ca29312814b0c29e87acb6c1eba4f31 |
| imlib-devel-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ab03d718bd43a82cd4fa77118915ca7b |
| IA-64: | |
| imlib-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: ca8f753c817cbe0bf24ac0ac2b03bccc |
| imlib-cfgeditor-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 11060c4560ee42e3e9e0e482a88189c2 |
| imlib-devel-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 11e6bd0ee4caca73cbc0ddc80bf1d793 |
| Red Hat Enterprise Linux AS (v. 3) | |
| SRPMS: | |
| imlib-1.9.13-13.3.src.rpm File outdated by: RHSA-2004:651 |
MD5: 6b77190f47b54d9c4c8bfc59cb5c9a97 |
| IA-32: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-devel-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: fb55305b96a608e4a59d734f0c933505 |
| IA-64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 9444828842659c3bec047cc18d2528ee |
| imlib-devel-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: c559153e239abff5269e41c30233ca05 |
| PPC: | |
| imlib-1.9.13-13.3.ppc.rpm File outdated by: RHSA-2004:651 |
MD5: 3d5eae85598168b6e337a0689eb2d743 |
| imlib-devel-1.9.13-13.3.ppc.rpm File outdated by: RHSA-2004:651 |
MD5: c9bd4375d8e077fcc70a638804d16b65 |
| s390: | |
| imlib-1.9.13-13.3.s390.rpm File outdated by: RHSA-2004:651 |
MD5: 17404e9fdddd26a89d81df23e3aae7db |
| imlib-devel-1.9.13-13.3.s390.rpm File outdated by: RHSA-2004:651 |
MD5: 5a3c49f094187deb72b9c522fedd5724 |
| s390x: | |
| imlib-1.9.13-13.3.s390x.rpm File outdated by: RHSA-2004:651 |
MD5: 81d3bbb3472454bd14c748c60c219d2b |
| imlib-devel-1.9.13-13.3.s390x.rpm File outdated by: RHSA-2004:651 |
MD5: 7e6739f7b72993dadbc4a489898c83c1 |
| x86_64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: a541f53f7ae3b301598828d05014b46e |
| imlib-devel-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: ab80ef08fb5a847a729c8d69640c8366 |
| Red Hat Enterprise Linux ES (v. 2.1) | |
| SRPMS: | |
| imlib-1.9.13-4.2.src.rpm File outdated by: RHSA-2004:651 |
MD5: 70350a36d0e898640bf0370f74d26329 |
| IA-32: | |
| imlib-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 977d25ef2ed5d80a3d752bcc309dcea3 |
| imlib-cfgeditor-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 4ca29312814b0c29e87acb6c1eba4f31 |
| imlib-devel-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ab03d718bd43a82cd4fa77118915ca7b |
| Red Hat Enterprise Linux ES (v. 3) | |
| SRPMS: | |
| imlib-1.9.13-13.3.src.rpm File outdated by: RHSA-2004:651 |
MD5: 6b77190f47b54d9c4c8bfc59cb5c9a97 |
| IA-32: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-devel-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: fb55305b96a608e4a59d734f0c933505 |
| IA-64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 9444828842659c3bec047cc18d2528ee |
| imlib-devel-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: c559153e239abff5269e41c30233ca05 |
| x86_64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: a541f53f7ae3b301598828d05014b46e |
| imlib-devel-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: ab80ef08fb5a847a729c8d69640c8366 |
| Red Hat Enterprise Linux WS (v. 2.1) | |
| SRPMS: | |
| imlib-1.9.13-4.2.src.rpm File outdated by: RHSA-2004:651 |
MD5: 70350a36d0e898640bf0370f74d26329 |
| IA-32: | |
| imlib-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 977d25ef2ed5d80a3d752bcc309dcea3 |
| imlib-cfgeditor-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: 4ca29312814b0c29e87acb6c1eba4f31 |
| imlib-devel-1.9.13-4.2.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ab03d718bd43a82cd4fa77118915ca7b |
| Red Hat Enterprise Linux WS (v. 3) | |
| SRPMS: | |
| imlib-1.9.13-13.3.src.rpm File outdated by: RHSA-2004:651 |
MD5: 6b77190f47b54d9c4c8bfc59cb5c9a97 |
| IA-32: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-devel-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: fb55305b96a608e4a59d734f0c933505 |
| IA-64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 9444828842659c3bec047cc18d2528ee |
| imlib-devel-1.9.13-13.3.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: c559153e239abff5269e41c30233ca05 |
| x86_64: | |
| imlib-1.9.13-13.3.i386.rpm File outdated by: RHSA-2004:651 |
MD5: ead45a05f882e533d8967caad278a3ff |
| imlib-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: a541f53f7ae3b301598828d05014b46e |
| imlib-devel-1.9.13-13.3.x86_64.rpm File outdated by: RHSA-2004:651 |
MD5: ab80ef08fb5a847a729c8d69640c8366 |
| Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor | |
| SRPMS: | |
| imlib-1.9.13-4.2.src.rpm File outdated by: RHSA-2004:651 |
MD5: 70350a36d0e898640bf0370f74d26329 |
| IA-64: | |
| imlib-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: ca8f753c817cbe0bf24ac0ac2b03bccc |
| imlib-cfgeditor-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 11060c4560ee42e3e9e0e482a88189c2 |
| imlib-devel-1.9.13-4.2.ia64.rpm File outdated by: RHSA-2004:651 |
MD5: 11e6bd0ee4caca73cbc0ddc80bf1d793 |
Bugs fixed (see bugzilla for more information)
130909 - CAN-2004-0817 heap overflow in BMP decoder
References
https://www.redhat.com/security/data/cve/CVE-2004-0817.html
http://bugzilla.gnome.org/show_bug.cgi?id=151034
http://bugzilla.gnome.org/show_bug.cgi?id=151034
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
