Security Advisory Moderate: netpbm security update

Advisory: RHSA-2009:0012-4
Type: Security Advisory
Severity: Moderate
Issued on: 2009-02-11
Last updated on: 2009-02-11
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20090012.xml
CVEs (cve.mitre.org): CVE-2007-2721
CVE-2008-3520

Details

Updated netpbm packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The netpbm package contains a library of functions for editing and
converting between various graphics file formats, including .pbm (portable
bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable
pixmaps), and others.

An input validation flaw and multiple integer overflows were discovered in
the JasPer library providing support for JPEG-2000 image format and used in
the jpeg2ktopam and pamtojpeg2k converters. An attacker could create a
carefully-crafted JPEG file which could cause jpeg2ktopam to crash or,
possibly, execute arbitrary code as the user running jpeg2ktopam.
(CVE-2007-2721, CVE-2008-3520)

All users are advised to upgrade to these updated packages which contain
backported patches which resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
netpbm-10.35-6.1.el5_3.1.src.rpm
File outdated by:  RHBA-2009:1268		     2518a039d294a027b1d95f75cfa8cb78
 
IA-32:
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     ef23915f66714703f95bae1e04f7df55
 
x86_64:
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     ef23915f66714703f95bae1e04f7df55
netpbm-devel-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     885159c9aa9e428ae290992c8c7074a4
 
Red Hat Desktop (v. 4)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     33d1562b939ab7e3327da0f261b8a9c6
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     c78a585dcf316c2cef8bdeea76893b8e
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
netpbm-10.35-6.1.el5_3.1.src.rpm
File outdated by:  RHBA-2009:1268		     2518a039d294a027b1d95f75cfa8cb78
 
IA-32:
netpbm-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     c6f1316ef8e879423bdd640d49ab1d82
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     ef23915f66714703f95bae1e04f7df55
netpbm-progs-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     49a25ef485a23a1be1209c5301b5e587
 
IA-64:
netpbm-10.35-6.1.el5_3.1.ia64.rpm
File outdated by:  RHBA-2009:1268		     2ed62b84609c33be09988c6f5a34f369
netpbm-devel-10.35-6.1.el5_3.1.ia64.rpm
File outdated by:  RHBA-2009:1268		     e9d514c680637ce8d20a9f2632da2999
netpbm-progs-10.35-6.1.el5_3.1.ia64.rpm
File outdated by:  RHBA-2009:1268		     49f355946bca3c004cec826cc62f7419
 
PPC:
netpbm-10.35-6.1.el5_3.1.ppc.rpm
File outdated by:  RHBA-2009:1268		     e0717d1aad643286471d1c3b848973b1
netpbm-10.35-6.1.el5_3.1.ppc64.rpm
File outdated by:  RHBA-2009:1268		     e36c9ec76a710b05e406646a9583b53b
netpbm-devel-10.35-6.1.el5_3.1.ppc.rpm
File outdated by:  RHBA-2009:1268		     65ea9d45a0910fc9d1d8d96d8de3417f
netpbm-devel-10.35-6.1.el5_3.1.ppc64.rpm
File outdated by:  RHBA-2009:1268		     e7f6d3b5d5d3f6e8692110edebae0375
netpbm-progs-10.35-6.1.el5_3.1.ppc.rpm
File outdated by:  RHBA-2009:1268		     e0bc27d0b6d15935f4cfdab86bf0f22d
 
s390x:
netpbm-10.35-6.1.el5_3.1.s390.rpm
File outdated by:  RHBA-2009:1268		     67c550706e5744857c9e4577f5c5b815
netpbm-10.35-6.1.el5_3.1.s390x.rpm
File outdated by:  RHBA-2009:1268		     ef726a2ed8f0d7d74164568b9cf6839e
netpbm-devel-10.35-6.1.el5_3.1.s390.rpm
File outdated by:  RHBA-2009:1268		     e5b1894cfbfede6361369b6bcfad843f
netpbm-devel-10.35-6.1.el5_3.1.s390x.rpm
File outdated by:  RHBA-2009:1268		     1d0e1d3c47fadd4efc90c19fe0329bad
netpbm-progs-10.35-6.1.el5_3.1.s390x.rpm
File outdated by:  RHBA-2009:1268		     4876aad9b18b9f6f96dda2d3c10e83e2
 
x86_64:
netpbm-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     c6f1316ef8e879423bdd640d49ab1d82
netpbm-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     c4109ff34daa9e83267704fcad535e45
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     ef23915f66714703f95bae1e04f7df55
netpbm-devel-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     885159c9aa9e428ae290992c8c7074a4
netpbm-progs-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     50c959232b0902e08f024033a8f0ccf0
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     33d1562b939ab7e3327da0f261b8a9c6
 
IA-64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     93ddf2665b42fad00df0ae4c2c41e33a
netpbm-devel-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     b5c6846dda7a6409ce6abc07eb5abf21
netpbm-progs-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     af9b86bc0d857da19c9e96bec17d8077
 
PPC:
netpbm-10.25-2.1.el4_7.4.ppc.rpm
File outdated by:  RHBA-2009:0990		     3b8990f7a3ce259dee9c066df62372a3
netpbm-10.25-2.1.el4_7.4.ppc64.rpm
File outdated by:  RHBA-2009:0990		     ddd6fe59ae35e8e669e19b2ce3fd5064
netpbm-devel-10.25-2.1.el4_7.4.ppc.rpm
File outdated by:  RHBA-2009:0990		     d1c5732e75770a405738c8d9b72aa24d
netpbm-progs-10.25-2.1.el4_7.4.ppc.rpm
File outdated by:  RHBA-2009:0990		     11adaa992161808055aa4b2ef52277b8
 
s390:
netpbm-10.25-2.1.el4_7.4.s390.rpm
File outdated by:  RHBA-2009:0990		     ad7ad76139f72c2a7a45a17011c6c739
netpbm-devel-10.25-2.1.el4_7.4.s390.rpm
File outdated by:  RHBA-2009:0990		     c7ffaecf3791374f5afcc04bf3c264dd
netpbm-progs-10.25-2.1.el4_7.4.s390.rpm
File outdated by:  RHBA-2009:0990		     2b5e2f0c9c65142509f1a19aea138a11
 
s390x:
netpbm-10.25-2.1.el4_7.4.s390.rpm
File outdated by:  RHBA-2009:0990		     ad7ad76139f72c2a7a45a17011c6c739
netpbm-10.25-2.1.el4_7.4.s390x.rpm
File outdated by:  RHBA-2009:0990		     bf5698df1b0bfe0ec5a9b922bff8b1a5
netpbm-devel-10.25-2.1.el4_7.4.s390x.rpm
File outdated by:  RHBA-2009:0990		     e1a6eda3d335fd38b9bdc28b1673c3e1
netpbm-progs-10.25-2.1.el4_7.4.s390x.rpm
File outdated by:  RHBA-2009:0990		     b67e4fba93fd433c3c30a8167a665e89
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     c78a585dcf316c2cef8bdeea76893b8e
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm     33d1562b939ab7e3327da0f261b8a9c6
 
IA-64:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.ia64.rpm     93ddf2665b42fad00df0ae4c2c41e33a
netpbm-devel-10.25-2.1.el4_7.4.ia64.rpm     b5c6846dda7a6409ce6abc07eb5abf21
netpbm-progs-10.25-2.1.el4_7.4.ia64.rpm     af9b86bc0d857da19c9e96bec17d8077
 
PPC:
netpbm-10.25-2.1.el4_7.4.ppc.rpm     3b8990f7a3ce259dee9c066df62372a3
netpbm-10.25-2.1.el4_7.4.ppc64.rpm     ddd6fe59ae35e8e669e19b2ce3fd5064
netpbm-devel-10.25-2.1.el4_7.4.ppc.rpm     d1c5732e75770a405738c8d9b72aa24d
netpbm-progs-10.25-2.1.el4_7.4.ppc.rpm     11adaa992161808055aa4b2ef52277b8
 
s390:
netpbm-10.25-2.1.el4_7.4.s390.rpm     ad7ad76139f72c2a7a45a17011c6c739
netpbm-devel-10.25-2.1.el4_7.4.s390.rpm     c7ffaecf3791374f5afcc04bf3c264dd
netpbm-progs-10.25-2.1.el4_7.4.s390.rpm     2b5e2f0c9c65142509f1a19aea138a11
 
s390x:
netpbm-10.25-2.1.el4_7.4.s390.rpm     ad7ad76139f72c2a7a45a17011c6c739
netpbm-10.25-2.1.el4_7.4.s390x.rpm     bf5698df1b0bfe0ec5a9b922bff8b1a5
netpbm-devel-10.25-2.1.el4_7.4.s390x.rpm     e1a6eda3d335fd38b9bdc28b1673c3e1
netpbm-progs-10.25-2.1.el4_7.4.s390x.rpm     b67e4fba93fd433c3c30a8167a665e89
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm     c78a585dcf316c2cef8bdeea76893b8e
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
netpbm-10.35-6.1.el5_3.1.src.rpm
File outdated by:  RHBA-2009:1268		     2518a039d294a027b1d95f75cfa8cb78
 
IA-32:
netpbm-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     c6f1316ef8e879423bdd640d49ab1d82
netpbm-progs-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     49a25ef485a23a1be1209c5301b5e587
 
x86_64:
netpbm-10.35-6.1.el5_3.1.i386.rpm
File outdated by:  RHBA-2009:1268		     c6f1316ef8e879423bdd640d49ab1d82
netpbm-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     c4109ff34daa9e83267704fcad535e45
netpbm-progs-10.35-6.1.el5_3.1.x86_64.rpm
File outdated by:  RHBA-2009:1268		     50c959232b0902e08f024033a8f0ccf0
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     33d1562b939ab7e3327da0f261b8a9c6
 
IA-64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     93ddf2665b42fad00df0ae4c2c41e33a
netpbm-devel-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     b5c6846dda7a6409ce6abc07eb5abf21
netpbm-progs-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     af9b86bc0d857da19c9e96bec17d8077
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     c78a585dcf316c2cef8bdeea76893b8e
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm     33d1562b939ab7e3327da0f261b8a9c6
 
IA-64:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.ia64.rpm     93ddf2665b42fad00df0ae4c2c41e33a
netpbm-devel-10.25-2.1.el4_7.4.ia64.rpm     b5c6846dda7a6409ce6abc07eb5abf21
netpbm-progs-10.25-2.1.el4_7.4.ia64.rpm     af9b86bc0d857da19c9e96bec17d8077
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm     c78a585dcf316c2cef8bdeea76893b8e
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
SRPMS:
netpbm-10.35-6.1.el5_3.1.src.rpm
File outdated by:  RHBA-2009:1268		     2518a039d294a027b1d95f75cfa8cb78
 
IA-32:
netpbm-10.35-6.1.el5_3.1.i386.rpm     c6f1316ef8e879423bdd640d49ab1d82
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm     ef23915f66714703f95bae1e04f7df55
netpbm-progs-10.35-6.1.el5_3.1.i386.rpm     49a25ef485a23a1be1209c5301b5e587
 
IA-64:
netpbm-10.35-6.1.el5_3.1.ia64.rpm     2ed62b84609c33be09988c6f5a34f369
netpbm-devel-10.35-6.1.el5_3.1.ia64.rpm     e9d514c680637ce8d20a9f2632da2999
netpbm-progs-10.35-6.1.el5_3.1.ia64.rpm     49f355946bca3c004cec826cc62f7419
 
PPC:
netpbm-10.35-6.1.el5_3.1.ppc.rpm     e0717d1aad643286471d1c3b848973b1
netpbm-10.35-6.1.el5_3.1.ppc64.rpm     e36c9ec76a710b05e406646a9583b53b
netpbm-devel-10.35-6.1.el5_3.1.ppc.rpm     65ea9d45a0910fc9d1d8d96d8de3417f
netpbm-devel-10.35-6.1.el5_3.1.ppc64.rpm     e7f6d3b5d5d3f6e8692110edebae0375
netpbm-progs-10.35-6.1.el5_3.1.ppc.rpm     e0bc27d0b6d15935f4cfdab86bf0f22d
 
s390x:
netpbm-10.35-6.1.el5_3.1.s390.rpm     67c550706e5744857c9e4577f5c5b815
netpbm-10.35-6.1.el5_3.1.s390x.rpm     ef726a2ed8f0d7d74164568b9cf6839e
netpbm-devel-10.35-6.1.el5_3.1.s390.rpm     e5b1894cfbfede6361369b6bcfad843f
netpbm-devel-10.35-6.1.el5_3.1.s390x.rpm     1d0e1d3c47fadd4efc90c19fe0329bad
netpbm-progs-10.35-6.1.el5_3.1.s390x.rpm     4876aad9b18b9f6f96dda2d3c10e83e2
 
x86_64:
netpbm-10.35-6.1.el5_3.1.i386.rpm     c6f1316ef8e879423bdd640d49ab1d82
netpbm-10.35-6.1.el5_3.1.x86_64.rpm     c4109ff34daa9e83267704fcad535e45
netpbm-devel-10.35-6.1.el5_3.1.i386.rpm     ef23915f66714703f95bae1e04f7df55
netpbm-devel-10.35-6.1.el5_3.1.x86_64.rpm     885159c9aa9e428ae290992c8c7074a4
netpbm-progs-10.35-6.1.el5_3.1.x86_64.rpm     50c959232b0902e08f024033a8f0ccf0
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
netpbm-10.25-2.1.el4_7.4.src.rpm
File outdated by:  RHBA-2009:0990		     cfe28209850bcfce8c0dffbb551cd5cd
 
IA-32:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-devel-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     0d08fd4c126210af49cbca648f50613d
netpbm-progs-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     33d1562b939ab7e3327da0f261b8a9c6
 
IA-64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     93ddf2665b42fad00df0ae4c2c41e33a
netpbm-devel-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     b5c6846dda7a6409ce6abc07eb5abf21
netpbm-progs-10.25-2.1.el4_7.4.ia64.rpm
File outdated by:  RHBA-2009:0990		     af9b86bc0d857da19c9e96bec17d8077
 
x86_64:
netpbm-10.25-2.1.el4_7.4.i386.rpm
File outdated by:  RHBA-2009:0990		     222a25bc2c273f37c4297dccbf58ae18
netpbm-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     32ef7d5143f563e695c77896ae3918f4
netpbm-devel-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     ed9b71da37197bdb89d6ec81285af8ed
netpbm-progs-10.25-2.1.el4_7.4.x86_64.rpm
File outdated by:  RHBA-2009:0990		     c78a585dcf316c2cef8bdeea76893b8e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

346501 - CVE-2007-2721 jasper crash in jpc_qcx_getcompparms
461476 - CVE-2008-3520 jasper: multiple integer overflows in jas_alloc calls


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/