- Issued:
- 2005-04-05
- Updated:
- 2005-04-05
RHSA-2005:343 - Security Advisory
Synopsis
gdk-pixbuf security update
Type/Severity
Security Advisory: Important
Topic
Updated gdk-pixbuf packages that fix a double free vulnerability are now
available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Description
The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.
A bug was found in the way gdk-pixbuf processes BMP images. It is possible
that a specially crafted BMP image could cause a denial of service attack
on applications linked against gdk-pixbuf. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to
this issue.
Users of gdk-pixbuf are advised to upgrade to these packages, which contain
a backported patch and is not vulnerable to this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Server 2 ia64
- Red Hat Enterprise Linux Server 2 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Workstation 2 ia64
- Red Hat Enterprise Linux Workstation 2 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 152315 - CAN-2005-0891 gdk-pixbuf BMP double free DoS
CVEs
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 4
| SRPM | |
|---|---|
| x86_64 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.x86_64.rpm | SHA-256: 073044aab79817194414b829e44a4e84a54614d357af600434da861989d8980f |
| gdk-pixbuf-0.22.0-16.el4.x86_64.rpm | SHA-256: 073044aab79817194414b829e44a4e84a54614d357af600434da861989d8980f |
| gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm | SHA-256: 46a4fcf7fcc25864ee67de0b6629365bf08bd170dddb86a6a58aba38ccb705b3 |
| gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm | SHA-256: 46a4fcf7fcc25864ee67de0b6629365bf08bd170dddb86a6a58aba38ccb705b3 |
| ia64 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.ia64.rpm | SHA-256: d157a56aed306cbb1bc827963095b9737668281041394e33205d38f5a28ab374 |
| gdk-pixbuf-0.22.0-16.el4.ia64.rpm | SHA-256: d157a56aed306cbb1bc827963095b9737668281041394e33205d38f5a28ab374 |
| gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm | SHA-256: 295d52ad2b050694b320b4ea885b836ea25c52b954f6ca70089e1b96567fc96d |
| gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm | SHA-256: 295d52ad2b050694b320b4ea885b836ea25c52b954f6ca70089e1b96567fc96d |
| i386 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm | SHA-256: 494158795d6b82d0d009f6643dc594b3ec7b1c1d50c4cbf2153fbaaf6af8362b |
| gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm | SHA-256: 494158795d6b82d0d009f6643dc594b3ec7b1c1d50c4cbf2153fbaaf6af8362b |
Red Hat Enterprise Linux Workstation 4
| SRPM | |
|---|---|
| x86_64 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.x86_64.rpm | SHA-256: 073044aab79817194414b829e44a4e84a54614d357af600434da861989d8980f |
| gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm | SHA-256: 46a4fcf7fcc25864ee67de0b6629365bf08bd170dddb86a6a58aba38ccb705b3 |
| ia64 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.ia64.rpm | SHA-256: d157a56aed306cbb1bc827963095b9737668281041394e33205d38f5a28ab374 |
| gdk-pixbuf-devel-0.22.0-16.el4.ia64.rpm | SHA-256: 295d52ad2b050694b320b4ea885b836ea25c52b954f6ca70089e1b96567fc96d |
| i386 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm | SHA-256: 494158795d6b82d0d009f6643dc594b3ec7b1c1d50c4cbf2153fbaaf6af8362b |
Red Hat Enterprise Linux Desktop 4
| SRPM | |
|---|---|
| x86_64 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-0.22.0-16.el4.x86_64.rpm | SHA-256: 073044aab79817194414b829e44a4e84a54614d357af600434da861989d8980f |
| gdk-pixbuf-devel-0.22.0-16.el4.x86_64.rpm | SHA-256: 46a4fcf7fcc25864ee67de0b6629365bf08bd170dddb86a6a58aba38ccb705b3 |
| i386 | |
| gdk-pixbuf-0.22.0-16.el4.i386.rpm | SHA-256: 943c850528795a7ccb7fdf8039dc84d3904ea60de09a7e3fd96f8f8289dcf82a |
| gdk-pixbuf-devel-0.22.0-16.el4.i386.rpm | SHA-256: 494158795d6b82d0d009f6643dc594b3ec7b1c1d50c4cbf2153fbaaf6af8362b |
Red Hat Enterprise Linux for IBM z Systems 4
| SRPM | |
|---|---|
| s390x | |
| gdk-pixbuf-0.22.0-16.el4.s390.rpm | SHA-256: edc2737607ced2dfdeb69e219a6db29a525b608afb293f434a7f6cb45a666f80 |
| gdk-pixbuf-0.22.0-16.el4.s390x.rpm | SHA-256: 89d16942655e2df70407817d2442a88da5342f11f0f966beb3024890b6d02edb |
| gdk-pixbuf-devel-0.22.0-16.el4.s390x.rpm | SHA-256: f3e03a899737052b2fbdf8e9e45990db13a3b006cd542f8c5c03fadf16c85c2f |
| s390 | |
| gdk-pixbuf-0.22.0-16.el4.s390.rpm | SHA-256: edc2737607ced2dfdeb69e219a6db29a525b608afb293f434a7f6cb45a666f80 |
| gdk-pixbuf-devel-0.22.0-16.el4.s390.rpm | SHA-256: d11b61f904b9c53bfed340b7c095abbd8f714aacfae802acf9c9af41527997d1 |
Red Hat Enterprise Linux for Power, big endian 4
| SRPM | |
|---|---|
| ppc | |
| gdk-pixbuf-0.22.0-16.el4.ppc.rpm | SHA-256: 92006cb59531ba413d113be015366e251a47e540d0322550a97b0ab446b91cf7 |
| gdk-pixbuf-0.22.0-16.el4.ppc64.rpm | SHA-256: 60c8392c8c2021216f21f5df1817dd3adf959f9c84e73bd7d11e8f2a73943f19 |
| gdk-pixbuf-devel-0.22.0-16.el4.ppc.rpm | SHA-256: fe3f306e5e780fa5c2a596af408f35470a648a10adc7115e8663950f4eeb5c81 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.