Skip to navigation

Security Advisory gdk-pixbuf security update

Advisory: RHSA-2005:343-03
Type: Security Advisory
Severity: Important
Issued on: 2005-04-05
Last updated on: 2005-04-05
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2005-0891

Details

Updated gdk-pixbuf packages that fix a double free vulnerability are now
available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes BMP images. It is possible
that a specially crafted BMP image could cause a denial of service attack
on applications linked against gdk-pixbuf. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to
this issue.

Users of gdk-pixbuf are advised to upgrade to these packages, which contain
a backported patch and is not vulnerable to this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)
IA-32:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: f865db4cd92f7395a9ef0769d6fd3c08
gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c1d243418786af9aa77f93343feb4e9c
 
x86_64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c1b4180a28bf65b5133c5eefa24b93a0
gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 205637111511ee684cee2a7f55faa0f1
gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: d6f7574029cdbdf29136463bf8034266
 
Red Hat Desktop (v. 4)
IA-32:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c8072476dff533717a389f6fb32f978d
 
x86_64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 61f8e510098ebd12f32a7e479d0026d7
gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c94e5cee6ee5c19dd49f7371e8fddb78
 
Red Hat Enterprise Linux AS (v. 2.1)
IA-32:
gdk-pixbuf-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 7dfdd5d16a91e64380970e56d490c471
gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: be7486b35d88c407fef24c541e525dc1
gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 9af7825523aeeff36cb7633e3cdc4403
 
IA-64:
gdk-pixbuf-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: f6c266be7bb786fcaa6a7025719bd74f
gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 6d344d3c48fac3320b5c7b4c34a28018
gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: f6cfeb5bcf4e5da379fc8dd31811224d
 
Red Hat Enterprise Linux AS (v. 3)
IA-32:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: f865db4cd92f7395a9ef0769d6fd3c08
gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c1d243418786af9aa77f93343feb4e9c
 
IA-64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 41f620654091eee65af1e2a7caa4c629
gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: e88d2b283b5ba14c9e17cf0fa0ff5632
gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: d0747f8cc77eff6781978f265417ed09
 
PPC:
gdk-pixbuf-0.22.0-12.el3.ppc.rpm
File outdated by:  RHSA-2005:810		     MD5: dcde354069b804f3b32855b53915e2f0
gdk-pixbuf-0.22.0-12.el3.ppc64.rpm
File outdated by:  RHSA-2005:810		     MD5: 0cdbb62e276af7694d007568070c87ff
gdk-pixbuf-devel-0.22.0-12.el3.ppc.rpm
File outdated by:  RHSA-2005:810		     MD5: f1a2be2fee1859d6f70d5747b8823706
gdk-pixbuf-gnome-0.22.0-12.el3.ppc.rpm
File outdated by:  RHSA-2005:810		     MD5: d1e0b31da885fd13c984f03b1a6cf92f
 
s390:
gdk-pixbuf-0.22.0-12.el3.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: 22877fb2b5a75cdcdf523ab4585fd2c7
gdk-pixbuf-devel-0.22.0-12.el3.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: a4acd9d3eb0eb28836fcc360e76f1122
gdk-pixbuf-gnome-0.22.0-12.el3.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: 6b2ed0bcdb22c2253988e8b99926a533
 
s390x:
gdk-pixbuf-0.22.0-12.el3.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: 22877fb2b5a75cdcdf523ab4585fd2c7
gdk-pixbuf-0.22.0-12.el3.s390x.rpm
File outdated by:  RHSA-2005:810		     MD5: 17a78e9783fb3d9fb966c90d15052889
gdk-pixbuf-devel-0.22.0-12.el3.s390x.rpm
File outdated by:  RHSA-2005:810		     MD5: d720e8670862c620fa40860ae9ff58cc
gdk-pixbuf-gnome-0.22.0-12.el3.s390x.rpm
File outdated by:  RHSA-2005:810		     MD5: edb7f22d7e8a37e7659d21a1f1b1357a
 
x86_64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c1b4180a28bf65b5133c5eefa24b93a0
gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 205637111511ee684cee2a7f55faa0f1
gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: d6f7574029cdbdf29136463bf8034266
 
Red Hat Enterprise Linux AS (v. 4)
IA-32:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c8072476dff533717a389f6fb32f978d
 
IA-64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 7ff5fe095b30974df15e143b0d7e929e
gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: be7e5e039520062ff027c2f482728fde
 
PPC:
gdk-pixbuf-0.22.0-16.el4.ppc.rpm
File outdated by:  RHSA-2005:810		     MD5: 67814460f4036204f6a6061239d8748f
gdk-pixbuf-0.22.0-16.el4.ppc64.rpm
File outdated by:  RHSA-2005:810		     MD5: 3c01305b14fa397a13b6e3faea132bd0
gdk-pixbuf-devel-0.22.0-16.el4.ppc.rpm
File outdated by:  RHSA-2005:810		     MD5: 1e85a9e6c3c78def4fdaaa07f5b4fe3c
 
s390:
gdk-pixbuf-0.22.0-16.el4.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: 1864bf760c9f2dcbe7983df29099a225
gdk-pixbuf-devel-0.22.0-16.el4.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: ed820e2cb04141a57ac381bca8d6332a
 
s390x:
gdk-pixbuf-0.22.0-16.el4.s390.rpm
File outdated by:  RHSA-2005:810		     MD5: 1864bf760c9f2dcbe7983df29099a225
gdk-pixbuf-0.22.0-16.el4.s390x.rpm
File outdated by:  RHSA-2005:810		     MD5: a3f558d6b7370c864a6771412d1a2513
gdk-pixbuf-devel-0.22.0-16.el4.s390x.rpm
File outdated by:  RHSA-2005:810		     MD5: 3c11f5939e9ac8d2e6eb5e6177b733d8
 
x86_64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 61f8e510098ebd12f32a7e479d0026d7
gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c94e5cee6ee5c19dd49f7371e8fddb78
 
Red Hat Enterprise Linux ES (v. 2.1)
IA-32:
gdk-pixbuf-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 7dfdd5d16a91e64380970e56d490c471
gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: be7486b35d88c407fef24c541e525dc1
gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 9af7825523aeeff36cb7633e3cdc4403
 
Red Hat Enterprise Linux ES (v. 3)
IA-32:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: f865db4cd92f7395a9ef0769d6fd3c08
gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c1d243418786af9aa77f93343feb4e9c
 
IA-64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 41f620654091eee65af1e2a7caa4c629
gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: e88d2b283b5ba14c9e17cf0fa0ff5632
gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: d0747f8cc77eff6781978f265417ed09
 
x86_64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c1b4180a28bf65b5133c5eefa24b93a0
gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 205637111511ee684cee2a7f55faa0f1
gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: d6f7574029cdbdf29136463bf8034266
 
Red Hat Enterprise Linux ES (v. 4)
IA-32:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c8072476dff533717a389f6fb32f978d
 
IA-64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 7ff5fe095b30974df15e143b0d7e929e
gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: be7e5e039520062ff027c2f482728fde
 
x86_64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 61f8e510098ebd12f32a7e479d0026d7
gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c94e5cee6ee5c19dd49f7371e8fddb78
 
Red Hat Enterprise Linux WS (v. 2.1)
IA-32:
gdk-pixbuf-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 7dfdd5d16a91e64380970e56d490c471
gdk-pixbuf-devel-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: be7486b35d88c407fef24c541e525dc1
gdk-pixbuf-gnome-0.22.0-12.el2.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 9af7825523aeeff36cb7633e3cdc4403
 
Red Hat Enterprise Linux WS (v. 3)
IA-32:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-devel-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: f865db4cd92f7395a9ef0769d6fd3c08
gdk-pixbuf-gnome-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c1d243418786af9aa77f93343feb4e9c
 
IA-64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 41f620654091eee65af1e2a7caa4c629
gdk-pixbuf-devel-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: e88d2b283b5ba14c9e17cf0fa0ff5632
gdk-pixbuf-gnome-0.22.0-12.el3.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: d0747f8cc77eff6781978f265417ed09
 
x86_64:
gdk-pixbuf-0.22.0-12.el3.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 2ffc1b52012b1f299c8d08519a669d88
gdk-pixbuf-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c1b4180a28bf65b5133c5eefa24b93a0
gdk-pixbuf-devel-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 205637111511ee684cee2a7f55faa0f1
gdk-pixbuf-gnome-0.22.0-12.el3.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: d6f7574029cdbdf29136463bf8034266
 
Red Hat Enterprise Linux WS (v. 4)
IA-32:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: c8072476dff533717a389f6fb32f978d
 
IA-64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 7ff5fe095b30974df15e143b0d7e929e
gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: be7e5e039520062ff027c2f482728fde
 
x86_64:
gdk-pixbuf-0.22.0-16.el4.i386.rpm
File outdated by:  RHSA-2005:810		     MD5: 0871d792413b0c21bd4fff8a142bebb1
gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: 61f8e510098ebd12f32a7e479d0026d7
gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm
File outdated by:  RHSA-2005:810		     MD5: c94e5cee6ee5c19dd49f7371e8fddb78
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
IA-64:
gdk-pixbuf-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: f6c266be7bb786fcaa6a7025719bd74f
gdk-pixbuf-devel-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: 6d344d3c48fac3320b5c7b4c34a28018
gdk-pixbuf-gnome-0.22.0-12.el2.ia64.rpm
File outdated by:  RHSA-2005:810		     MD5: f6cfeb5bcf4e5da379fc8dd31811224d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

152315 - CAN-2005-0891 gdk-pixbuf BMP double free DoS


References

https://www.redhat.com/security/data/cve/CVE-2005-0891.html

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/