Paketname
xpm
Datum
2005-04-28
Advisory ID
MDKSA-2005:080
Betroffene Versionen
10.2 x86_64 , CS2.1 x86_64 , 10.0 amd64 , 10.2 i586 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. An integer overflow flaw was found in libXPM, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code via a negative bitmap_unit value if opened by a victim using an application linked to the vulnerable library. Updated packages are patched to correct all these issues.

Aktualisierte Pakete

10.2 x86_64

 7ba435fc44bf3904dbf42e4b784d0184  x86_64/10.2/RPMS/lib64xpm4-3.4k-30.1.102mdk.x86_64.rpm
bd578228b038ca5df10ad9efd70d20ce  x86_64/10.2/RPMS/lib64xpm4-devel-3.4k-30.1.102mdk.x86_64.rpm
fc4e22a6f1b2441b51eb79dfc26ae74c  x86_64/10.2/RPMS/libxpm4-3.4k-30.1.102mdk.i586.rpm
db6d27e6d96a0fa7a696bac650ef78fe  x86_64/10.2/RPMS/libxpm4-devel-3.4k-30.1.102mdk.i586.rpm
cb1212dbc9082e3a9dfd912ea35f7ed4  x86_64/10.2/SRPMS/xpm-3.4k-30.1.102mdk.src.rpm

CS2.1 x86_64

 037361e9e4d51661fb7acd367977c16f  x86_64/corporate/2.1/RPMS/libxpm4-3.4k-21.4.C21mdk.x86_64.rpm
a44a23d0525cc8b3a589082597f86e94  x86_64/corporate/2.1/RPMS/libxpm4-devel-3.4k-21.4.C21mdk.x86_64.rpm
03f77ccacff7731bc38dd8a124f29f8d  x86_64/corporate/2.1/SRPMS/xpm-3.4k-21.4.C21mdk.src.rpm

10.0 amd64

 fce3bee71945e407d81abfdaf8f8cbdc  amd64/10.0/RPMS/lib64xpm4-3.4k-27.4.100mdk.amd64.rpm
22eb44cb9c8958fd3dab0d5ed9fb9418  amd64/10.0/RPMS/lib64xpm4-devel-3.4k-27.4.100mdk.amd64.rpm
8f19344086b5361b30766c9085ee2ea2  amd64/10.0/RPMS/libxpm4-3.4k-27.4.100mdk.i586.rpm
6a5874bad1fb6105baf8c26dca1bf7c2  amd64/10.0/SRPMS/xpm-3.4k-27.4.100mdk.src.rpm

10.2 i586

 fc4e22a6f1b2441b51eb79dfc26ae74c  10.2/RPMS/libxpm4-3.4k-30.1.102mdk.i586.rpm
db6d27e6d96a0fa7a696bac650ef78fe  10.2/RPMS/libxpm4-devel-3.4k-30.1.102mdk.i586.rpm
cb1212dbc9082e3a9dfd912ea35f7ed4  10.2/SRPMS/xpm-3.4k-30.1.102mdk.src.rpm

10.1 i586

 2f0250adcad3d9845225cf4b4d9ce8ef  10.1/RPMS/libxpm4-3.4k-28.3.101mdk.i586.rpm
e171fdf9b23986e58c1fdcac292f70d0  10.1/RPMS/libxpm4-devel-3.4k-28.3.101mdk.i586.rpm
603d509c51b30617f2c89a038f666872  10.1/SRPMS/xpm-3.4k-28.3.101mdk.src.rpm

10.0 i586

 8f19344086b5361b30766c9085ee2ea2  10.0/RPMS/libxpm4-3.4k-27.4.100mdk.i586.rpm
7a7b882e901bcf7b24d182ccfeb7fef2  10.0/RPMS/libxpm4-devel-3.4k-27.4.100mdk.i586.rpm
6a5874bad1fb6105baf8c26dca1bf7c2  10.0/SRPMS/xpm-3.4k-27.4.100mdk.src.rpm

CS3.0 x86_64

 e5a369fa603516b674db9f2a6afc083b  x86_64/corporate/3.0/RPMS/lib64xpm4-3.4k-27.4.C30mdk.x86_64.rpm
d9f11eeef73c93d0a36b311986306126  x86_64/corporate/3.0/RPMS/lib64xpm4-devel-3.4k-27.4.C30mdk.x86_64.rpm
4872d5deec449ef844e478359d82ab18  x86_64/corporate/3.0/RPMS/libxpm4-3.4k-27.4.C30mdk.i586.rpm
30a7df84d2bda0065f895ec5b6de3eeb  x86_64/corporate/3.0/SRPMS/xpm-3.4k-27.4.C30mdk.src.rpm

CS3.0 i586

 4872d5deec449ef844e478359d82ab18  corporate/3.0/RPMS/libxpm4-3.4k-27.4.C30mdk.i586.rpm
ddd7569f50b68fa4cb621957f1ed56b6  corporate/3.0/RPMS/libxpm4-devel-3.4k-27.4.C30mdk.i586.rpm
30a7df84d2bda0065f895ec5b6de3eeb  corporate/3.0/SRPMS/xpm-3.4k-27.4.C30mdk.src.rpm

CS2.1 i586

 2925cd9c64536b76c9eefb2e9987029b  corporate/2.1/RPMS/libxpm4-3.4k-21.4.C21mdk.i586.rpm
7cb0cadd2e1934f9627637416a9284ba  corporate/2.1/RPMS/libxpm4-devel-3.4k-21.4.C21mdk.i586.rpm
03f77ccacff7731bc38dd8a124f29f8d  corporate/2.1/SRPMS/xpm-3.4k-21.4.C21mdk.src.rpm

10.1 x86_64

 1930678575cb695ecbd5cf4efd60e9a6  x86_64/10.1/RPMS/lib64xpm4-3.4k-28.3.101mdk.x86_64.rpm
a92856072a02d1efd23ba5a83dcfa766  x86_64/10.1/RPMS/lib64xpm4-devel-3.4k-28.3.101mdk.x86_64.rpm
2f0250adcad3d9845225cf4b4d9ce8ef  x86_64/10.1/RPMS/libxpm4-3.4k-28.3.101mdk.i586.rpm
e171fdf9b23986e58c1fdcac292f70d0  x86_64/10.1/RPMS/libxpm4-devel-3.4k-28.3.101mdk.i586.rpm
603d509c51b30617f2c89a038f666872  x86_64/10.1/SRPMS/xpm-3.4k-28.3.101mdk.src.rpm

Referenzen