Package name
gimp
Date
2009-12-11
Advisory ID
MDVSA-2009:296-1
Affected versions
2008.0 i586, 2008.0 x86_64

Problem description

A vulnerability was discovered and corrected in gimp:

Integer overflow in the ReadImage function in
plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers
to execute arbitrary code via a BMP file with crafted width and height
values that trigger a heap-based buffer overflow (CVE-2009-1570).

This update provides a solution to this vulnerability.
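
The bug class described above, shown as an added C example (not GIMP's code and not part of the advisory): a buffer size derived from file-supplied width and height wraps in 32-bit arithmetic, next to a checked version. The function names, the `MAX_IMAGE_BYTES` limit and the sample dimensions are assumptions made for illustration; the row formula is the standard BMP padding of rows to 4 bytes.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical policy limit on decoded image size (assumption: 1 GiB). */
#define MAX_IMAGE_BYTES ((uint64_t)1 << 30)

/* Bug class: buffer size computed in 32-bit arithmetic from file-supplied
 * dimensions. The product can wrap modulo 2^32, so the allocation ends up
 * far smaller than the pixel data the decoder later writes. */
uint32_t unchecked_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    uint32_t rowbytes = ((width * bpp + 31) / 32) * 4; /* rows pad to 4 bytes */
    return rowbytes * height;                          /* may wrap */
}

/* Hardened form: validate the header fields, widen to 64 bits, and bound
 * the result before any allocation. Returns false for a rejected image. */
bool checked_size(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    if (width == 0 || height == 0 || bpp == 0 || bpp > 32)
        return false;
    uint64_t rowbytes = (((uint64_t)width * bpp + 31) / 32) * 4;
    if (rowbytes > MAX_IMAGE_BYTES / height)  /* rowbytes * height > limit */
        return false;
    *out = (size_t)(rowbytes * height);
    return true;
}

int main(void)
{
    size_t n = 0;
    /* Constructed header values: 65536 x 65536 at 8 bits per pixel. */
    printf("unchecked: %u bytes\n", (unsigned)unchecked_size(0x10000, 0x10000, 8));
    printf("checked accepts: %d\n", checked_size(0x10000, 0x10000, 8, &n));
    if (checked_size(640, 480, 24, &n))
        printf("640x480x24: %zu bytes\n", n);
    return 0;
}
```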

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

Updated packages

2008.0 i586

 96671d703538682ce397c73f7983d574  2008.0/i586/gimp-2.4.0-0.rc2.3.1mdv2008.0.i586.rpm
 bdf1df745d007cf6ce8a405a995e17cd  2008.0/i586/gimp-python-2.4.0-0.rc2.3.1mdv2008.0.i586.rpm
 9cb17fb52734e201dff4d22ffe5d01c2  2008.0/i586/libgimp2.0_0-2.4.0-0.rc2.3.1mdv2008.0.i586.rpm
 65e5ae11c931e01a8e1afee1893a5ea9  2008.0/i586/libgimp2.0-devel-2.4.0-0.rc2.3.1mdv2008.0.i586.rpm 
 b6f660fdd8ea90cef3423431a29052af  2008.0/SRPMS/gimp-2.4.0-0.rc2.3.1mdv2008.0.src.rpm

2008.0 x86_64

 dd0803d3e25de874fe010e9146e324b1  2008.0/x86_64/gimp-2.4.0-0.rc2.3.1mdv2008.0.x86_64.rpm
 44dd4d0dabaf57326a8a75aa4a2a7c4e  2008.0/x86_64/gimp-python-2.4.0-0.rc2.3.1mdv2008.0.x86_64.rpm
 9f1cd5b01de2b3084868d80ee1849dff  2008.0/x86_64/lib64gimp2.0_0-2.4.0-0.rc2.3.1mdv2008.0.x86_64.rpm
 2d379204ab7a67b801b55051142ee09e  2008.0/x86_64/lib64gimp2.0-devel-2.4.0-0.rc2.3.1mdv2008.0.x86_64.rpm 
 b6f660fdd8ea90cef3423431a29052af  2008.0/SRPMS/gimp-2.4.0-0.rc2.3.1mdv2008.0.src.rpm

References