Skip to navigation

Security Advisory Moderate: gtk2 security update

Advisory: RHSA-2007:0019-3
Type: Security Advisory
Severity: Moderate
Issued on: 2007-01-24
Last updated on: 2007-01-24
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2007-0010

Details

Updated gtk2 packages that fix a security issue are now available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The gtk2 package contains the GIMP ToolKit (GTK+), a library for creating
graphical user interfaces for the X Window System.

A bug was found in the way the gtk2 GdkPixbufLoader() function processed
invalid input. Applications linked against gtk2 could crash if they
loaded a malformed image file. (CVE-2007-0010)

Users of gtk2 are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 4)

IA-32:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-devel-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: ed57a4bb7460344f4fe181ab492b80cf
 
x86_64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 169b7f02223b864c5ddf74ff10d4c1f7
gtk2-devel-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 3d9b96b0e61085105c40661fdd784b94
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-devel-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: ed57a4bb7460344f4fe181ab492b80cf
 
IA-64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7ffea45167656425e1029a2f3a5a8c4d
gtk2-devel-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: db05083eb1eca7ee8a649e6e7a55254e
 
PPC:
gtk2-2.4.13-22.ppc.rpm
File outdated by:  RHBA-2008:0773
    MD5: 0b7350237ae4f367525909702fa1ba03
gtk2-2.4.13-22.ppc64.rpm
File outdated by:  RHBA-2008:0773
    MD5: f2ac348b53d4fcad62281d030bb29db7
gtk2-devel-2.4.13-22.ppc.rpm
File outdated by:  RHBA-2008:0773
    MD5: 8d99954b0b79b2440c89eed8d48e8e37
 
s390:
gtk2-2.4.13-22.s390.rpm
File outdated by:  RHBA-2008:0773
    MD5: ba6f1a2b8746a55a4721a84f96812c3f
gtk2-devel-2.4.13-22.s390.rpm
File outdated by:  RHBA-2008:0773
    MD5: 46b08592a6079baf8a3bd43a193fd847
 
s390x:
gtk2-2.4.13-22.s390.rpm
File outdated by:  RHBA-2008:0773
    MD5: ba6f1a2b8746a55a4721a84f96812c3f
gtk2-2.4.13-22.s390x.rpm
File outdated by:  RHBA-2008:0773
    MD5: 234d75230adc34e3c827f9fdf4ebeaac
gtk2-devel-2.4.13-22.s390x.rpm
File outdated by:  RHBA-2008:0773
    MD5: dde74f320048d6d79ee11b2015b576be
 
x86_64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 169b7f02223b864c5ddf74ff10d4c1f7
gtk2-devel-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 3d9b96b0e61085105c40661fdd784b94
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-devel-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: ed57a4bb7460344f4fe181ab492b80cf
 
IA-64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7ffea45167656425e1029a2f3a5a8c4d
gtk2-devel-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: db05083eb1eca7ee8a649e6e7a55254e
 
x86_64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 169b7f02223b864c5ddf74ff10d4c1f7
gtk2-devel-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 3d9b96b0e61085105c40661fdd784b94
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-devel-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: ed57a4bb7460344f4fe181ab492b80cf
 
IA-64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7ffea45167656425e1029a2f3a5a8c4d
gtk2-devel-2.4.13-22.ia64.rpm
File outdated by:  RHBA-2008:0773
    MD5: db05083eb1eca7ee8a649e6e7a55254e
 
x86_64:
gtk2-2.4.13-22.i386.rpm
File outdated by:  RHBA-2008:0773
    MD5: 7e970287675ed24ce45ae6c955d23e0f
gtk2-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 169b7f02223b864c5ddf74ff10d4c1f7
gtk2-devel-2.4.13-22.x86_64.rpm
File outdated by:  RHBA-2008:0773
    MD5: 3d9b96b0e61085105c40661fdd784b94
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

218932 - CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly


References


Keywords

GdkPixbufLoader


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/