Package name
gimp
Date
2013-12-18
Advisory ID
MDVSA-2013:294
Affected versions
MES5 i586, MES5 x86_64

Problem description

Multiple vulnerabilities have been discovered and corrected in gimp:

Multiple stack-based buffer overflows in file-xwd.c in the X Window
Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a
denial of service (crash) and possibly execute arbitrary code via
a large (1) red, (2) green, or (3) blue color mask in an XWD file
(CVE-2012-5576).

Integer overflow in the load_image function in file-xwd.c in the X
Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with
glib before 2.24, allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a large color entries
value in an X Window System (XWD) image dump (CVE-2013-1913).

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c
in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via an X Window System (XWD) image dump with
more colors than color map entries (CVE-2013-1978).

The updated packages have been patched to correct these issues.
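
The three conditions described above can be rejected at header-parse time, before any table is indexed or buffer allocated. The following is an added example, not the GIMP patch or the packaged code; the struct, function names, the 256-slot table size and the 12-byte colour record size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical subset of the XWD header, already converted to host byte order. */
typedef struct {
    uint32_t red_mask, green_mask, blue_mask;
    uint32_t colormap_entries; /* colour map size the file declares */
    uint32_t ncolors;          /* colour records that follow the header */
} xwd_fields;

#define MAP_SLOTS 256u         /* assumed size of each fixed per-channel table */
#define COLOR_RECORD_SIZE 12u  /* assumed size of one colour record in bytes */

enum xwd_check { XWD_OK, XWD_BAD_MASK, XWD_ALLOC_OVERFLOW, XWD_TOO_MANY_COLORS };

/* Largest channel value a mask can yield: the mask shifted down to bit 0. */
static uint32_t mask_max(uint32_t mask)
{
    if (mask == 0) return 0;
    while ((mask & 1u) == 0) mask >>= 1;
    return mask;
}

/* Runs all checks before anything is allocated or indexed. Sizes are kept in
 * 32 bits so the result is the same on i586 and x86_64 builds. */
enum xwd_check xwd_validate(const xwd_fields *h, uint32_t *alloc_bytes)
{
    /* Large colour mask: a channel value would index past a fixed table. */
    if (mask_max(h->red_mask) >= MAP_SLOTS || mask_max(h->green_mask) >= MAP_SLOTS ||
        mask_max(h->blue_mask) >= MAP_SLOTS)
        return XWD_BAD_MASK;
    /* Large colour entries value: entries * record size would wrap. */
    if (h->colormap_entries > UINT32_MAX / COLOR_RECORD_SIZE)
        return XWD_ALLOC_OVERFLOW;
    /* More colours than colour map entries: reads would overrun the buffer. */
    if (h->ncolors > h->colormap_entries)
        return XWD_TOO_MANY_COLORS;
    *alloc_bytes = h->colormap_entries * COLOR_RECORD_SIZE;
    return XWD_OK;
}

int main(void)
{
    /* Constructed header values: 16-bit red mask, otherwise plausible. */
    xwd_fields h = { 0xFFFF0000u, 0x0000FF00u, 0x000000FFu, 256u, 256u };
    uint32_t bytes = 0;
    printf("check result: %d\n", xwd_validate(&h, &bytes));
    return 0;
}
```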

Updated packages

MES5 i586

 760cb6e3f2f6153d693af37d1bbfbfca  mes5/i586/gimp-2.6.12-0.2mdvmes5.2.i586.rpm
 1d8bb88baa044d9da28ed0ed1685492a  mes5/i586/gimp-python-2.6.12-0.2mdvmes5.2.i586.rpm
 0e6aefa03a8a03d88f269c31ccad700a  mes5/i586/libgimp2.0_0-2.6.12-0.2mdvmes5.2.i586.rpm
 443a37f7cd76ea9b9964881ff2ef931e  mes5/i586/libgimp2.0-devel-2.6.12-0.2mdvmes5.2.i586.rpm 
 edc3b654d92fed53846488acf89abf13  mes5/SRPMS/gimp-2.6.12-0.2mdvmes5.2.src.rpm

MES5 x86_64

 436684c464f88f15e3e6fd14a73ff321  mes5/x86_64/gimp-2.6.12-0.2mdvmes5.2.x86_64.rpm
 d36d6c6cbe0734971d09032e249bdb50  mes5/x86_64/gimp-python-2.6.12-0.2mdvmes5.2.x86_64.rpm
 8789363de85e421285b42662dbbb5a4c  mes5/x86_64/lib64gimp2.0_0-2.6.12-0.2mdvmes5.2.x86_64.rpm
 5e5ce25f77ef23d27634dd9692d96d48  mes5/x86_64/lib64gimp2.0-devel-2.6.12-0.2mdvmes5.2.x86_64.rpm 
 edc3b654d92fed53846488acf89abf13  mes5/SRPMS/gimp-2.6.12-0.2mdvmes5.2.src.rpm

References