Skip to navigation

Security Advisory Important: netpbm security update

Advisory: RHSA-2011:1811-1
Type: Security Advisory
Severity: Important
Issued on: 2011-12-12
Last updated on: 2011-12-12
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-4274
CVE-2011-4516
CVE-2011-4517

Details

Updated netpbm packages that fix three security issues are now available
for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The netpbm packages contain a library of functions which support programs
for handling various graphics file formats, including .pbm (Portable Bit
Map), .pgm (Portable Gray Map), .pnm (Portable Any Map), .ppm (Portable
Pixel Map), and others.

Two heap-based buffer overflow flaws were found in the embedded JasPer
library, which is used to provide support for Part 1 of the JPEG 2000 image
compression standard in the jpeg2ktopam and pamtojpeg2k tools. An attacker
could create a malicious JPEG 2000 compressed image file that could cause
jpeg2ktopam to crash or, potentially, execute arbitrary code with the
privileges of the user running jpeg2ktopam. These flaws do not affect
pamtojpeg2k. (CVE-2011-4516, CVE-2011-4517)

A stack-based buffer overflow flaw was found in the way the xpmtoppm tool
processed X PixMap (XPM) image files. An attacker could create a malicious
XPM file that would cause xpmtoppm to crash or, potentially, execute
arbitrary code with the privileges of the user running xpmtoppm.
(CVE-2009-4274)

Red Hat would like to thank Jonathan Foote of the CERT Coordination Center
for reporting the CVE-2011-4516 and CVE-2011-4517 issues.

All users of netpbm are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
netpbm-10.35.58-8.el5_7.3.src.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0579a1cc04d7b11068d49931719844f7
SHA-256: 5dd98cf6e7e6e8a81af2d4fd70334fb1ffa4804426f4c9eba050409d8c4c8f72
 
IA-32:
netpbm-devel-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 69d7a2b62b877a3713ca98f56647eb8e
SHA-256: 852afc9b4c16e85748568d9b093a7f050193f6953b9d581052acd8ca53f5f843
 
x86_64:
netpbm-devel-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 69d7a2b62b877a3713ca98f56647eb8e
SHA-256: 852afc9b4c16e85748568d9b093a7f050193f6953b9d581052acd8ca53f5f843
netpbm-devel-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0181569e49bf686e077b52674d383a78
SHA-256: ba664c9d0df00eea32d1ba3bd4b93a80b01d8c8742072451200e9d5bcd37e43a
 
Red Hat Desktop (v. 4)

SRPMS:
netpbm-10.35.58-8.el4.src.rpm     MD5: 78b540b0a959c67314cc667a1cd8a139
SHA-256: 52b2c1f189d10b4b50b2f0d01d615f222bc3c60e7bf63ad3a5b4e722f799033a
 
IA-32:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-devel-10.35.58-8.el4.i386.rpm     MD5: 1e38d8197690fc3fb85e8dfe3d330ae2
SHA-256: af3c3d122dd0d2ed474aa98d63f754384e17f340d3dd4d65ce5209011718bcdc
netpbm-progs-10.35.58-8.el4.i386.rpm     MD5: 7f9b18359fdfa0405f4e568f492bfbbe
SHA-256: 78bb8b63e9dcf7e8eefeb6203898c7c4d77a3d850870d3c272ed4af775fb1bea
 
x86_64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.x86_64.rpm     MD5: 119da8c8de73058179774190c0f8bf1a
SHA-256: 009c6da6a4621edd63b6c2b2324b0a1b7cc062c3fa7ea0122d7cefcbe8939bb0
netpbm-devel-10.35.58-8.el4.x86_64.rpm     MD5: c37c7807832254dfcb13e15af21f2d7c
SHA-256: bdef434977f1ec9128d58a404697b446ef783150ac6bb39769779a4d8a990b45
netpbm-progs-10.35.58-8.el4.x86_64.rpm     MD5: c8dd409d009275b6222c5677a297939e
SHA-256: 29c6d80ff2653e7a7477b4772bfb7bdfbc1cd1c4a719f6c6bafd37a4a4c6d401
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
netpbm-10.35.58-8.el5_7.3.src.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0579a1cc04d7b11068d49931719844f7
SHA-256: 5dd98cf6e7e6e8a81af2d4fd70334fb1ffa4804426f4c9eba050409d8c4c8f72
 
IA-32:
netpbm-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3c80f2a790a20879e8872bd58e1c4a71
SHA-256: 131f2425522c2532c126e236dba4fea2ff8f16e29d3dfae8f719a3c1945f28d0
netpbm-devel-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 69d7a2b62b877a3713ca98f56647eb8e
SHA-256: 852afc9b4c16e85748568d9b093a7f050193f6953b9d581052acd8ca53f5f843
netpbm-progs-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 6909e66356983209abf0b1632c64ef0f
SHA-256: d1b293191ad5851766afef5d5f658a0d5902378fe4d65aca57ac10ab52d5d85b
 
IA-64:
netpbm-10.35.58-8.el5_7.3.ia64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 303e2ee08ee2ff43cf286eb12b4e55fc
SHA-256: 6719cc3bdb6d1fa667715ec17d4390f4f2f09073361a7da76940832e40f140e4
netpbm-devel-10.35.58-8.el5_7.3.ia64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 14ea7469e56d96f3d531091113485d14
SHA-256: 2b8b9b8b6483dcd0cc386f86656b993084d55581f0e59a2b5aa1cf2a37bb4a4f
netpbm-progs-10.35.58-8.el5_7.3.ia64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 938a973e3d2a0c7dba9ee59b20368831
SHA-256: 108f947329726570ed64a759b1b427575f2017658db22fd06ebdced963e9b435
 
PPC:
netpbm-10.35.58-8.el5_7.3.ppc.rpm
File outdated by:  RHBA-2012:0287
    MD5: 4e9b710c3cba88b25fcd31ff893581da
SHA-256: 36d276256686694a98cfebac9889c022374f7526b4679739b3942588762266bb
netpbm-10.35.58-8.el5_7.3.ppc64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 52c7587c381ded0be9640f3e5d1a7357
SHA-256: 1873c6028be35a216380b815d99e7426882c5be494096019dcdc7daaa609245b
netpbm-devel-10.35.58-8.el5_7.3.ppc.rpm
File outdated by:  RHBA-2012:0287
    MD5: fc4251764963e5b90c176f0d896b32de
SHA-256: 97bbb252b7691e5c516f099c3e855b855815d94bd3cfb72b8e3edf2e1c149d50
netpbm-devel-10.35.58-8.el5_7.3.ppc64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 143c4c4f437ef7ad1ec7ad367b547c09
SHA-256: bf2785d76d4de576ce9f3dd085ab2da033791bb4a1eb0580386690f836416288
netpbm-progs-10.35.58-8.el5_7.3.ppc.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0199b81805c1c3268e88a2cf43774368
SHA-256: 175f69e0673a871b96988cae839c7825936449c6449f1550bad59c24cd6803c6
 
s390x:
netpbm-10.35.58-8.el5_7.3.s390.rpm
File outdated by:  RHBA-2012:0287
    MD5: e5c45775ddfffd7bf42188cc935aab3a
SHA-256: ebb903ca3edc0a3308c9face97bab36cfdd475ee69207901e67e1cd036593da3
netpbm-10.35.58-8.el5_7.3.s390x.rpm
File outdated by:  RHBA-2012:0287
    MD5: 201a2d2ff1d176e85c19ef0290edf40e
SHA-256: 0de0361abdeffe7a37cb7a6a918584f0436f6895a8228ec3065799d6ff7b156a
netpbm-devel-10.35.58-8.el5_7.3.s390.rpm
File outdated by:  RHBA-2012:0287
    MD5: 8aaa63ac0e0f42419203e22e6e866a27
SHA-256: 673bfb4f6f71c77dc362ebf8eaa47a809276eb7ea73829b65f424e0716d1b3de
netpbm-devel-10.35.58-8.el5_7.3.s390x.rpm
File outdated by:  RHBA-2012:0287
    MD5: 9a28b7c14c95ba3986f41703bc5c25e1
SHA-256: 065826392d0caafc76e2713e39385d7b7567d1245d2f62530b96df3c5d20e638
netpbm-progs-10.35.58-8.el5_7.3.s390x.rpm
File outdated by:  RHBA-2012:0287
    MD5: 70727721ae42b4ba691f5f14cc4af4c1
SHA-256: f4dabbf33cb7d9952b4670378ba15c8227a3d3f139a7fd787824b1a39a4ea712
 
x86_64:
netpbm-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3c80f2a790a20879e8872bd58e1c4a71
SHA-256: 131f2425522c2532c126e236dba4fea2ff8f16e29d3dfae8f719a3c1945f28d0
netpbm-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3da7ab604be1d79dc5a50615d22b1376
SHA-256: 35f3a2b931ba52f2f0e1c47d57aef62a1209c7c83e87500e999b4b3e6944905f
netpbm-devel-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 69d7a2b62b877a3713ca98f56647eb8e
SHA-256: 852afc9b4c16e85748568d9b093a7f050193f6953b9d581052acd8ca53f5f843
netpbm-devel-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0181569e49bf686e077b52674d383a78
SHA-256: ba664c9d0df00eea32d1ba3bd4b93a80b01d8c8742072451200e9d5bcd37e43a
netpbm-progs-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 6413364839fc1f3d0fe885a143d9f4a7
SHA-256: 5e4b18001238a674935a5abcc50d4893f98d20c7a87115508c8b050ea8a2b2d3
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
netpbm-10.35.58-8.el4.src.rpm     MD5: 78b540b0a959c67314cc667a1cd8a139
SHA-256: 52b2c1f189d10b4b50b2f0d01d615f222bc3c60e7bf63ad3a5b4e722f799033a
 
IA-32:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-devel-10.35.58-8.el4.i386.rpm     MD5: 1e38d8197690fc3fb85e8dfe3d330ae2
SHA-256: af3c3d122dd0d2ed474aa98d63f754384e17f340d3dd4d65ce5209011718bcdc
netpbm-progs-10.35.58-8.el4.i386.rpm     MD5: 7f9b18359fdfa0405f4e568f492bfbbe
SHA-256: 78bb8b63e9dcf7e8eefeb6203898c7c4d77a3d850870d3c272ed4af775fb1bea
 
IA-64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.ia64.rpm     MD5: b45a5bd4b0a8fd0b4c0d66a6561da3e8
SHA-256: 996652664b83289cf5bdc8641830dfb48ca2640d22abec0b73ad670bbe81f18b
netpbm-devel-10.35.58-8.el4.ia64.rpm     MD5: 5831146b78e6451366bd69c99e81c3fd
SHA-256: 324f4538502f6bb9fcaed631627db70fef3e808cbe4f713091edbb373346f63b
netpbm-progs-10.35.58-8.el4.ia64.rpm     MD5: 51d226ad462fcb84ab93746cbe90cca6
SHA-256: 2b973188175cf8d03a932969bf271afdef086141fa3857acdb8f1f5d3a14e996
 
PPC:
netpbm-10.35.58-8.el4.ppc.rpm     MD5: 7bc27c7daf46a0656171ade65d304569
SHA-256: ac9473c1e976efad41dacdbab94bd192b5436f3062c7839001c57567c436090f
netpbm-10.35.58-8.el4.ppc64.rpm     MD5: 27f6de14b61eb7fbcb43aa41a8fcb95f
SHA-256: ba16fb41b7531e387653cce767a7f0e5f4b4ef7c973a250f089dadbe394533ac
netpbm-devel-10.35.58-8.el4.ppc.rpm     MD5: f5d2bdde86f38751c7e8efe611d8a1e2
SHA-256: fc76a318ebbb5a1aabcb38c8c2bf3477a0331e78c44d63d499cbabf38a8ba50b
netpbm-progs-10.35.58-8.el4.ppc.rpm     MD5: a4da80a79258a853f7603d8337d13b68
SHA-256: e3acea6f08e8fe0269737d1fb8bb832dd718d42d2c9b9237345fcb3137ef9994
 
s390:
netpbm-10.35.58-8.el4.s390.rpm     MD5: 19dae41a65db3bf450b88fcc5dced297
SHA-256: 276b8298d6afe55e2fd1bf75d2f489d3bd59d11e27276f905e8acb11c468a920
netpbm-devel-10.35.58-8.el4.s390.rpm     MD5: dd407476af6d0ed13a6cb3eaf4b84960
SHA-256: 3f1cf558e0bc9081f777bc8763a8529e56538f734d0efeee1f0280f39c0d8c56
netpbm-progs-10.35.58-8.el4.s390.rpm     MD5: 636d32bd24795e1e54f10c20b98a908c
SHA-256: f7a43c58237abc972c36a4b1d97af7fde0c62eb813469887d2b48a14c65f0bcd
 
s390x:
netpbm-10.35.58-8.el4.s390.rpm     MD5: 19dae41a65db3bf450b88fcc5dced297
SHA-256: 276b8298d6afe55e2fd1bf75d2f489d3bd59d11e27276f905e8acb11c468a920
netpbm-10.35.58-8.el4.s390x.rpm     MD5: 3cfadb5c57e26963819d201184b5143e
SHA-256: 4e26425947b74ee6e070779ee0a523e19c1a0682107ab7eab777d7cbb62ed3a8
netpbm-devel-10.35.58-8.el4.s390x.rpm     MD5: c82522581a1b4af6f5bc35a9c066f804
SHA-256: c2038032c7078168c9323c567c41a76423a1c72865964ef17fbac9d91204ae96
netpbm-progs-10.35.58-8.el4.s390x.rpm     MD5: 2ad39023d57a03c4eafb71765544e20b
SHA-256: a31d5deef5464ddcea8342da9ac01211f7ac705b9e418ef8e6871c0b43969b1b
 
x86_64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.x86_64.rpm     MD5: 119da8c8de73058179774190c0f8bf1a
SHA-256: 009c6da6a4621edd63b6c2b2324b0a1b7cc062c3fa7ea0122d7cefcbe8939bb0
netpbm-devel-10.35.58-8.el4.x86_64.rpm     MD5: c37c7807832254dfcb13e15af21f2d7c
SHA-256: bdef434977f1ec9128d58a404697b446ef783150ac6bb39769779a4d8a990b45
netpbm-progs-10.35.58-8.el4.x86_64.rpm     MD5: c8dd409d009275b6222c5677a297939e
SHA-256: 29c6d80ff2653e7a7477b4772bfb7bdfbc1cd1c4a719f6c6bafd37a4a4c6d401
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
netpbm-10.35.58-8.el5_7.3.src.rpm
File outdated by:  RHBA-2012:0287
    MD5: 0579a1cc04d7b11068d49931719844f7
SHA-256: 5dd98cf6e7e6e8a81af2d4fd70334fb1ffa4804426f4c9eba050409d8c4c8f72
 
IA-32:
netpbm-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3c80f2a790a20879e8872bd58e1c4a71
SHA-256: 131f2425522c2532c126e236dba4fea2ff8f16e29d3dfae8f719a3c1945f28d0
netpbm-progs-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 6909e66356983209abf0b1632c64ef0f
SHA-256: d1b293191ad5851766afef5d5f658a0d5902378fe4d65aca57ac10ab52d5d85b
 
x86_64:
netpbm-10.35.58-8.el5_7.3.i386.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3c80f2a790a20879e8872bd58e1c4a71
SHA-256: 131f2425522c2532c126e236dba4fea2ff8f16e29d3dfae8f719a3c1945f28d0
netpbm-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 3da7ab604be1d79dc5a50615d22b1376
SHA-256: 35f3a2b931ba52f2f0e1c47d57aef62a1209c7c83e87500e999b4b3e6944905f
netpbm-progs-10.35.58-8.el5_7.3.x86_64.rpm
File outdated by:  RHBA-2012:0287
    MD5: 6413364839fc1f3d0fe885a143d9f4a7
SHA-256: 5e4b18001238a674935a5abcc50d4893f98d20c7a87115508c8b050ea8a2b2d3
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
netpbm-10.35.58-8.el4.src.rpm     MD5: 78b540b0a959c67314cc667a1cd8a139
SHA-256: 52b2c1f189d10b4b50b2f0d01d615f222bc3c60e7bf63ad3a5b4e722f799033a
 
IA-32:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-devel-10.35.58-8.el4.i386.rpm     MD5: 1e38d8197690fc3fb85e8dfe3d330ae2
SHA-256: af3c3d122dd0d2ed474aa98d63f754384e17f340d3dd4d65ce5209011718bcdc
netpbm-progs-10.35.58-8.el4.i386.rpm     MD5: 7f9b18359fdfa0405f4e568f492bfbbe
SHA-256: 78bb8b63e9dcf7e8eefeb6203898c7c4d77a3d850870d3c272ed4af775fb1bea
 
IA-64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.ia64.rpm     MD5: b45a5bd4b0a8fd0b4c0d66a6561da3e8
SHA-256: 996652664b83289cf5bdc8641830dfb48ca2640d22abec0b73ad670bbe81f18b
netpbm-devel-10.35.58-8.el4.ia64.rpm     MD5: 5831146b78e6451366bd69c99e81c3fd
SHA-256: 324f4538502f6bb9fcaed631627db70fef3e808cbe4f713091edbb373346f63b
netpbm-progs-10.35.58-8.el4.ia64.rpm     MD5: 51d226ad462fcb84ab93746cbe90cca6
SHA-256: 2b973188175cf8d03a932969bf271afdef086141fa3857acdb8f1f5d3a14e996
 
x86_64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.x86_64.rpm     MD5: 119da8c8de73058179774190c0f8bf1a
SHA-256: 009c6da6a4621edd63b6c2b2324b0a1b7cc062c3fa7ea0122d7cefcbe8939bb0
netpbm-devel-10.35.58-8.el4.x86_64.rpm     MD5: c37c7807832254dfcb13e15af21f2d7c
SHA-256: bdef434977f1ec9128d58a404697b446ef783150ac6bb39769779a4d8a990b45
netpbm-progs-10.35.58-8.el4.x86_64.rpm     MD5: c8dd409d009275b6222c5677a297939e
SHA-256: 29c6d80ff2653e7a7477b4772bfb7bdfbc1cd1c4a719f6c6bafd37a4a4c6d401
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
netpbm-10.35.58-8.el4.src.rpm     MD5: 78b540b0a959c67314cc667a1cd8a139
SHA-256: 52b2c1f189d10b4b50b2f0d01d615f222bc3c60e7bf63ad3a5b4e722f799033a
 
IA-32:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-devel-10.35.58-8.el4.i386.rpm     MD5: 1e38d8197690fc3fb85e8dfe3d330ae2
SHA-256: af3c3d122dd0d2ed474aa98d63f754384e17f340d3dd4d65ce5209011718bcdc
netpbm-progs-10.35.58-8.el4.i386.rpm     MD5: 7f9b18359fdfa0405f4e568f492bfbbe
SHA-256: 78bb8b63e9dcf7e8eefeb6203898c7c4d77a3d850870d3c272ed4af775fb1bea
 
IA-64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.ia64.rpm     MD5: b45a5bd4b0a8fd0b4c0d66a6561da3e8
SHA-256: 996652664b83289cf5bdc8641830dfb48ca2640d22abec0b73ad670bbe81f18b
netpbm-devel-10.35.58-8.el4.ia64.rpm     MD5: 5831146b78e6451366bd69c99e81c3fd
SHA-256: 324f4538502f6bb9fcaed631627db70fef3e808cbe4f713091edbb373346f63b
netpbm-progs-10.35.58-8.el4.ia64.rpm     MD5: 51d226ad462fcb84ab93746cbe90cca6
SHA-256: 2b973188175cf8d03a932969bf271afdef086141fa3857acdb8f1f5d3a14e996
 
x86_64:
netpbm-10.35.58-8.el4.i386.rpm     MD5: 15cdd37509c2fb4099125e86415ecedf
SHA-256: 9565f6c7caa803a7ddf863672c0e865f1988dd5c6bbf5e9af0548a499e6ffc02
netpbm-10.35.58-8.el4.x86_64.rpm     MD5: 119da8c8de73058179774190c0f8bf1a
SHA-256: 009c6da6a4621edd63b6c2b2324b0a1b7cc062c3fa7ea0122d7cefcbe8939bb0
netpbm-devel-10.35.58-8.el4.x86_64.rpm     MD5: c37c7807832254dfcb13e15af21f2d7c
SHA-256: bdef434977f1ec9128d58a404697b446ef783150ac6bb39769779a4d8a990b45
netpbm-progs-10.35.58-8.el4.x86_64.rpm     MD5: c8dd409d009275b6222c5677a297939e
SHA-256: 29c6d80ff2653e7a7477b4772bfb7bdfbc1cd1c4a719f6c6bafd37a4a4c6d401
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

546580 - CVE-2009-4274 netpbm: Stack-based buffer overflow by processing X PixMap image header fields
747726 - CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/