MDVSA-2008:040
- Package name
- SDL_image
- Date
- 2008-02-07
- Advisory ID
- MDVSA-2008:040
- Affected versions
- 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.0 i586 , 2007.1 x86_64
Problem description
The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image
contain a boundary error that could be triggered to cause a static
buffer overflow and a heap-based buffer overflow. If a user using
an application linked against the SDL_image library were to open a
carefully crafted GIF or IFF ILBM file, the application could crash
or possibly allow for the execution of arbitrary code.
The updated packages have been patched to correct this issue.
Updated packages
2007.0 x86_64
d2857eb81cc32a44621d047b432fab33 2007.0/x86_64/lib64SDL_image1.2-1.2.5-1.1mdv2007.0.x86_64.rpm 41ef7e520b3cca2670fcd0cb149f7c63 2007.0/x86_64/lib64SDL_image1.2-devel-1.2.5-1.1mdv2007.0.x86_64.rpm ffa3317bcb0516f791317f2f917a8b74 2007.0/x86_64/lib64SDL_image1.2-test-1.2.5-1.1mdv2007.0.x86_64.rpm f0142948917c13c85db6d9a414a744b2 2007.0/SRPMS/SDL_image-1.2.5-1.1mdv2007.0.src.rpm
2007.1 i586
bb2d59af04d2816958816e327dbda0bc 2007.1/i586/libSDL_image1.2-1.2.5-2.1mdv2007.1.i586.rpm 44ce0300888500b1d1e4a3100ad268eb 2007.1/i586/libSDL_image1.2-devel-1.2.5-2.1mdv2007.1.i586.rpm 5441a072b2d68546aa54ed36e54829d5 2007.1/i586/libSDL_image1.2-test-1.2.5-2.1mdv2007.1.i586.rpm e154807a8ec099e1d3dc547b932ceff6 2007.1/SRPMS/SDL_image-1.2.5-2.1mdv2007.1.src.rpm
2007.0 i586
3b60927741b60c634afd430c5aa4ae00 2007.0/i586/libSDL_image1.2-1.2.5-1.1mdv2007.0.i586.rpm 71875c2de4180b5958a91107a974e327 2007.0/i586/libSDL_image1.2-devel-1.2.5-1.1mdv2007.0.i586.rpm 89b1410a912346b148393f95e01cfee0 2007.0/i586/libSDL_image1.2-test-1.2.5-1.1mdv2007.0.i586.rpm f0142948917c13c85db6d9a414a744b2 2007.0/SRPMS/SDL_image-1.2.5-1.1mdv2007.0.src.rpm
CS3.0 x86_64
700a0b9eeceb7958270c7469b4d9526e corporate/3.0/x86_64/lib64SDL_image1.2-1.2.3-3.1.C30mdk.x86_64.rpm 0247d9f7c8c3c07b0a6d8eaf0ddb49ad corporate/3.0/x86_64/lib64SDL_image1.2-devel-1.2.3-3.1.C30mdk.x86_64.rpm d88895f601d1ead8ceef727e141c06ae corporate/3.0/x86_64/lib64SDL_image1.2-test-1.2.3-3.1.C30mdk.x86_64.rpm 47cd75e075030313a3259560d7173de7 corporate/3.0/SRPMS/SDL_image-1.2.3-3.1.C30mdk.src.rpm
2008.0 x86_64
aaf18e912ee7ae18060f5a45f8b52d5c 2008.0/x86_64/lib64SDL_image1.2-1.2.6-1.1mdv2008.0.x86_64.rpm 63c882b5750b11cf1aec1669d26eed40 2008.0/x86_64/lib64SDL_image1.2-devel-1.2.6-1.1mdv2008.0.x86_64.rpm 96b96533f54e7297fb68e0de1682bc28 2008.0/x86_64/lib64SDL_image1.2-test-1.2.6-1.1mdv2008.0.x86_64.rpm 0ed8f31fca8e68ee38e66714ed0b2ea5 2008.0/SRPMS/SDL_image-1.2.6-1.1mdv2008.0.src.rpm
CS3.0 i586
3eb65d139568c061dd34e599a7ebdfdb corporate/3.0/i586/libSDL_image1.2-1.2.3-3.1.C30mdk.i586.rpm fce96c4bfc823e5f8ae308daedabbdfe corporate/3.0/i586/libSDL_image1.2-devel-1.2.3-3.1.C30mdk.i586.rpm 828b87047944aec9533b04f9e95df814 corporate/3.0/i586/libSDL_image1.2-test-1.2.3-3.1.C30mdk.i586.rpm 47cd75e075030313a3259560d7173de7 corporate/3.0/SRPMS/SDL_image-1.2.3-3.1.C30mdk.src.rpm
2008.0 i586
e40fff1a799fe26e0374702198768c48 2008.0/i586/libSDL_image1.2-1.2.6-1.1mdv2008.0.i586.rpm 1a021d41e4efa44a2df41939e70aa479 2008.0/i586/libSDL_image1.2-devel-1.2.6-1.1mdv2008.0.i586.rpm 22a22ac45381677f13e3b053c62f47d4 2008.0/i586/libSDL_image1.2-test-1.2.6-1.1mdv2008.0.i586.rpm 0ed8f31fca8e68ee38e66714ed0b2ea5 2008.0/SRPMS/SDL_image-1.2.6-1.1mdv2008.0.src.rpm
2007.1 x86_64
bc77c3b06e626902adc6372ef553442c 2007.1/x86_64/lib64SDL_image1.2-1.2.5-2.1mdv2007.1.x86_64.rpm 0fca19243b1718cce5b696bc4a0c6028 2007.1/x86_64/lib64SDL_image1.2-devel-1.2.5-2.1mdv2007.1.x86_64.rpm a700e02ec34d2c29faa682da74545d8b 2007.1/x86_64/lib64SDL_image1.2-test-1.2.5-2.1mdv2007.1.x86_64.rpm e154807a8ec099e1d3dc547b932ceff6 2007.1/SRPMS/SDL_image-1.2.5-2.1mdv2007.1.src.rpm