Paketname
imlib2
Datum
2009-01-19
Advisory ID
MDVSA-2009:019
Betroffene Versionen
2009.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , CS4.0 i586

Problembeschreibung

A vulnerability have been discovered in the load function of the XPM
loader for imlib2, which allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted XPM file
(CVE-2008-5187).

The updated packages have been patched to prevent this.

Aktualisierte Pakete

2009.0 x86_64

 0792cb35837ed4270c156a0b312690b3  2009.0/x86_64/imlib2-data-1.4.1.000-3.1mdv2009.0.x86_64.rpm
 acf486851d1d62dc25bae7e9927c1de9  2009.0/x86_64/lib64imlib2_1-1.4.1.000-3.1mdv2009.0.x86_64.rpm
 abf26cf4a822299b65ba85f087d11ec4  2009.0/x86_64/lib64imlib2_1-filters-1.4.1.000-3.1mdv2009.0.x86_64.rpm
 696e610fcef13d4e24a95ff40bc025ad  2009.0/x86_64/lib64imlib2_1-loaders-1.4.1.000-3.1mdv2009.0.x86_64.rpm
 db3e27035eed5db7e69f4a4a63e5d2b1  2009.0/x86_64/lib64imlib2-devel-1.4.1.000-3.1mdv2009.0.x86_64.rpm 
 341549290c474349cf56d39cac61afd0  2009.0/SRPMS/imlib2-1.4.1.000-3.1mdv2009.0.src.rpm

CS4.0 x86_64

 3f59425f7e24fb943b71b71f9363fcc3  corporate/4.0/x86_64/imlib2-data-1.2.1-1.5.20060mlcs4.x86_64.rpm
 3625a61358183508df2267eaa21bf0e6  corporate/4.0/x86_64/lib64imlib2_1-1.2.1-1.5.20060mlcs4.x86_64.rpm
 f558cc3c676b8c5bd99d867ae804751a  corporate/4.0/x86_64/lib64imlib2_1-devel-1.2.1-1.5.20060mlcs4.x86_64.rpm
 97e91aa3e494e58cd9ae4acf95f6c122  corporate/4.0/x86_64/lib64imlib2_1-filters-1.2.1-1.5.20060mlcs4.x86_64.rpm
 40c612551957db32916f100f2eff89c7  corporate/4.0/x86_64/lib64imlib2_1-loaders-1.2.1-1.5.20060mlcs4.x86_64.rpm 
 0f59519e49dfe6f0d639fbddf1930727  corporate/4.0/SRPMS/imlib2-1.2.1-1.5.20060mlcs4.src.rpm

2008.0 i586

 3975f58ff8fce94aa40bf8d8cf0a255f  2008.0/i586/imlib2-data-1.4.0.003-2.2mdv2008.0.i586.rpm
 d829550f7cf95c3a397005456c3143ff  2008.0/i586/libimlib2_1-1.4.0.003-2.2mdv2008.0.i586.rpm
 d133e0d8f3edd471385b767cb11c8c5e  2008.0/i586/libimlib2_1-filters-1.4.0.003-2.2mdv2008.0.i586.rpm
 2b04aea43e28db2df9a7ec867d2e3492  2008.0/i586/libimlib2_1-loaders-1.4.0.003-2.2mdv2008.0.i586.rpm
 d3a2ef874cc00f10d0760533c339875f  2008.0/i586/libimlib2-devel-1.4.0.003-2.2mdv2008.0.i586.rpm 
 771b35d79d7e5edbae2510dce1abdca4  2008.0/SRPMS/imlib2-1.4.0.003-2.2mdv2008.0.src.rpm

2009.0 i586

 c79464c67a5c42353c0d4953f9868d0f  2009.0/i586/imlib2-data-1.4.1.000-3.1mdv2009.0.i586.rpm
 ade93e05cf19971d81658330c7b9aebb  2009.0/i586/libimlib2_1-1.4.1.000-3.1mdv2009.0.i586.rpm
 ce3040c09dc96e1b991dd40afceab8a1  2009.0/i586/libimlib2_1-filters-1.4.1.000-3.1mdv2009.0.i586.rpm
 1a52924a9e417ccda81b73c9c674445b  2009.0/i586/libimlib2_1-loaders-1.4.1.000-3.1mdv2009.0.i586.rpm
 451c0284cf1721989e0f2b20baec9fb2  2009.0/i586/libimlib2-devel-1.4.1.000-3.1mdv2009.0.i586.rpm 
 341549290c474349cf56d39cac61afd0  2009.0/SRPMS/imlib2-1.4.1.000-3.1mdv2009.0.src.rpm

CS3.0 x86_64

 88a6915df6aa9435de4875c41aef22d5  corporate/3.0/x86_64/lib64imlib2_1-1.0.6-4.6.C30mdk.x86_64.rpm
 c6f625747f251b8bbf047e1a6899f3be  corporate/3.0/x86_64/lib64imlib2_1-devel-1.0.6-4.6.C30mdk.x86_64.rpm
 dc7284d898e3c8b5ec918bce395a1768  corporate/3.0/x86_64/lib64imlib2_1-filters-1.0.6-4.6.C30mdk.x86_64.rpm
 ba0fff3e075019d1736d7e847042bab9  corporate/3.0/x86_64/lib64imlib2_1-loaders-1.0.6-4.6.C30mdk.x86_64.rpm 
 821d40adec7cdc46b7a2b01bcb63dff7  corporate/3.0/SRPMS/imlib2-1.0.6-4.6.C30mdk.src.rpm

2008.0 x86_64

 1520726d812731296ade0e29fd06eb34  2008.0/x86_64/imlib2-data-1.4.0.003-2.2mdv2008.0.x86_64.rpm
 3d65b4a7c77b2299296773515ecb0c49  2008.0/x86_64/lib64imlib2_1-1.4.0.003-2.2mdv2008.0.x86_64.rpm
 a1a6a4a7698e7f1ed6fbe3ff9408d51c  2008.0/x86_64/lib64imlib2_1-filters-1.4.0.003-2.2mdv2008.0.x86_64.rpm
 a0962c67b52936197fd40b77d14066fb  2008.0/x86_64/lib64imlib2_1-loaders-1.4.0.003-2.2mdv2008.0.x86_64.rpm
 e3cbfabfabc5a70c3977e3a6fabd66f5  2008.0/x86_64/lib64imlib2-devel-1.4.0.003-2.2mdv2008.0.x86_64.rpm 
 771b35d79d7e5edbae2510dce1abdca4  2008.0/SRPMS/imlib2-1.4.0.003-2.2mdv2008.0.src.rpm

CS3.0 i586

 eafa20c6b5234a9ba290b6a198d76436  corporate/3.0/i586/libimlib2_1-1.0.6-4.6.C30mdk.i586.rpm
 2c215fd34d61d7e75e54bc1526a8e3f8  corporate/3.0/i586/libimlib2_1-devel-1.0.6-4.6.C30mdk.i586.rpm
 69c8d2c3785c03b241efdc0cb2544d77  corporate/3.0/i586/libimlib2_1-filters-1.0.6-4.6.C30mdk.i586.rpm
 aefe0c2b637e08a862c311fe850911f0  corporate/3.0/i586/libimlib2_1-loaders-1.0.6-4.6.C30mdk.i586.rpm 
 821d40adec7cdc46b7a2b01bcb63dff7  corporate/3.0/SRPMS/imlib2-1.0.6-4.6.C30mdk.src.rpm

2008.1 x86_64

 2177df77cb0d8bf2128015573f20085f  2008.1/x86_64/imlib2-data-1.4.0.003-4.2mdv2008.1.x86_64.rpm
 2143a1a1d5877324d9009f3e3b7151be  2008.1/x86_64/lib64imlib2_1-1.4.0.003-4.2mdv2008.1.x86_64.rpm
 2ba331e1050b5aa4809efcffa3255d86  2008.1/x86_64/lib64imlib2_1-filters-1.4.0.003-4.2mdv2008.1.x86_64.rpm
 484fdcf438cb76fb6d861233b3a42566  2008.1/x86_64/lib64imlib2_1-loaders-1.4.0.003-4.2mdv2008.1.x86_64.rpm
 272d107bcb919ea9d4819a544b5409b7  2008.1/x86_64/lib64imlib2-devel-1.4.0.003-4.2mdv2008.1.x86_64.rpm 
 c4b1911fe8310383a4fbf13482c8d056  2008.1/SRPMS/imlib2-1.4.0.003-4.2mdv2008.1.src.rpm

2008.1 i586

 735082b709add31d1e373396438faad7  2008.1/i586/imlib2-data-1.4.0.003-4.2mdv2008.1.i586.rpm
 7b3aa4d9ce0642adc563f147576ce91b  2008.1/i586/libimlib2_1-1.4.0.003-4.2mdv2008.1.i586.rpm
 590d952cf20928993426f0fe49fd05fa  2008.1/i586/libimlib2_1-filters-1.4.0.003-4.2mdv2008.1.i586.rpm
 44cca9af3070737357fbcba84173f687  2008.1/i586/libimlib2_1-loaders-1.4.0.003-4.2mdv2008.1.i586.rpm
 d055c99f84d6fb6ee322760ef10c67a3  2008.1/i586/libimlib2-devel-1.4.0.003-4.2mdv2008.1.i586.rpm 
 c4b1911fe8310383a4fbf13482c8d056  2008.1/SRPMS/imlib2-1.4.0.003-4.2mdv2008.1.src.rpm

CS4.0 i586

 f8b5c648132e443708fffd827990f2ca  corporate/4.0/i586/imlib2-data-1.2.1-1.5.20060mlcs4.i586.rpm
 2464f12d3f39c5b5e4ff40d49abe62ab  corporate/4.0/i586/libimlib2_1-1.2.1-1.5.20060mlcs4.i586.rpm
 e90a39ce4023d37b6a9998a896faa5bb  corporate/4.0/i586/libimlib2_1-devel-1.2.1-1.5.20060mlcs4.i586.rpm
 771fdaae35e2a65e873e6ac348ab596a  corporate/4.0/i586/libimlib2_1-filters-1.2.1-1.5.20060mlcs4.i586.rpm
 6af3421b931428b99650d92607231cc4  corporate/4.0/i586/libimlib2_1-loaders-1.2.1-1.5.20060mlcs4.i586.rpm 
 0f59519e49dfe6f0d639fbddf1930727  corporate/4.0/SRPMS/imlib2-1.2.1-1.5.20060mlcs4.src.rpm

Referenzen