MDVSA-2008:041
- Package name
- tk
- Date
- 2008-02-07
- Advisory ID
- MDVSA-2008:041
- Affected versions
- CS4.0 i586 , CS4.0 x86_64 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.0 i586 , 2007.1 x86_64
Problem description
The ReadImage() function in Tk did not check codeSize read from GIF
images prior to initializing the append array, which could lead to
a buffer overflow with unknown impact.
The updated packages have been patched to correct this issue.
Updated packages
CS4.0 i586
0a8ab7cee460cd844fc36ffae18f22cf corporate/4.0/i586/expect-8.4.11-1.2.20060mlcs4.i586.rpm d8e97408f980801d3033771bddd3654c corporate/4.0/i586/itcl-8.4.11-1.2.20060mlcs4.i586.rpm b1a73ccba0f46a7368752f61037d55d4 corporate/4.0/i586/iwidgets-8.4.11-1.2.20060mlcs4.i586.rpm dbe4336575a216ab49ba2896707d1a42 corporate/4.0/i586/libtcl8.4-8.4.11-1.2.20060mlcs4.i586.rpm 8eca04215b8688949d00428075bb7e6c corporate/4.0/i586/libtk8.4-8.4.11-1.2.20060mlcs4.i586.rpm a1eaa7f756cdc305b4289eb048f4c27d corporate/4.0/i586/tcl-8.4.11-1.2.20060mlcs4.i586.rpm 3efda5e311c63186d677849a53f29588 corporate/4.0/i586/tcllib-8.4.11-1.2.20060mlcs4.i586.rpm c6caf3a8451c039d18233e7d0d75ba55 corporate/4.0/i586/tclx-8.4.11-1.2.20060mlcs4.i586.rpm 8c81d484a98a63edd8aa61db49e328c4 corporate/4.0/i586/tix-8.4.11-1.2.20060mlcs4.i586.rpm 0fbe1014bcc0e336c99df4ac6c15cede corporate/4.0/i586/tk-8.4.11-1.2.20060mlcs4.i586.rpm 04aeb45e0af9e354bbeb50cf710e92c8 corporate/4.0/SRPMS/tcltk-8.4.11-1.2.20060mlcs4.src.rpm
CS4.0 x86_64
a85bcacdbba4e5935d9d0fd362cfe26c corporate/4.0/x86_64/expect-8.4.11-1.2.20060mlcs4.x86_64.rpm 853c81ee4ed5ca0d9356b42debdb78a1 corporate/4.0/x86_64/itcl-8.4.11-1.2.20060mlcs4.x86_64.rpm 4b4e2c34bf7238d2f7d13d558af39c90 corporate/4.0/x86_64/iwidgets-8.4.11-1.2.20060mlcs4.x86_64.rpm e7578950e94fb19ffcf498c0f94d8923 corporate/4.0/x86_64/lib64tcl8.4-8.4.11-1.2.20060mlcs4.x86_64.rpm 15325efd404bf8360a68ff0a9f53d3b7 corporate/4.0/x86_64/lib64tk8.4-8.4.11-1.2.20060mlcs4.x86_64.rpm 32db571f68c7dfd66ff1424a65ad2f8d corporate/4.0/x86_64/tcl-8.4.11-1.2.20060mlcs4.x86_64.rpm 7c93dc23da99af0ccc94ef1f87f2ab19 corporate/4.0/x86_64/tcllib-8.4.11-1.2.20060mlcs4.x86_64.rpm 85c10ab5dc0e50081897e1798312bb09 corporate/4.0/x86_64/tclx-8.4.11-1.2.20060mlcs4.x86_64.rpm 83aed2c99f3d77578ff2826dd1ce4926 corporate/4.0/x86_64/tix-8.4.11-1.2.20060mlcs4.x86_64.rpm 91b1e013f3c8a927cafb96577cc786cc corporate/4.0/x86_64/tk-8.4.11-1.2.20060mlcs4.x86_64.rpm 04aeb45e0af9e354bbeb50cf710e92c8 corporate/4.0/SRPMS/tcltk-8.4.11-1.2.20060mlcs4.src.rpm
2007.0 x86_64
9c7d84dbf13a2595d97ddd4f2909d739 2007.0/x86_64/lib64tk8.4-8.4.13-1.2mdv2007.0.x86_64.rpm 83703461ccd52243d299dd0a00611019 2007.0/x86_64/lib64tk8.4-devel-8.4.13-1.2mdv2007.0.x86_64.rpm 16be00250d31baa14b8daaef1050a849 2007.0/x86_64/tk-8.4.13-1.2mdv2007.0.x86_64.rpm 00af2123b29298539e37a1b24d832774 2007.0/SRPMS/tk-8.4.13-1.2mdv2007.0.src.rpm
2007.1 i586
59fc6defd594590a401cd16796769921 2007.1/i586/libtk8.4-8.4.14-1.2mdv2007.1.i586.rpm d0a31e7f5bb7f15b981c91ad8cea16ed 2007.1/i586/libtk8.4-devel-8.4.14-1.2mdv2007.1.i586.rpm 0fd5d28dc25ff74443b1a1aa9c9f0f51 2007.1/i586/tk-8.4.14-1.2mdv2007.1.i586.rpm a84a7d5dec8ce5863e6a9b95f947522c 2007.1/SRPMS/tk-8.4.14-1.2mdv2007.1.src.rpm
2007.0 i586
313a17f5bd97cfa3585e4c081980a277 2007.0/i586/libtk8.4-8.4.13-1.2mdv2007.0.i586.rpm 0f3e50eb6d0ad4171466a77563647f06 2007.0/i586/libtk8.4-devel-8.4.13-1.2mdv2007.0.i586.rpm 4343ad52dcaaa9c2b3a721203c55e55a 2007.0/i586/tk-8.4.13-1.2mdv2007.0.i586.rpm 00af2123b29298539e37a1b24d832774 2007.0/SRPMS/tk-8.4.13-1.2mdv2007.0.src.rpm
CS3.0 x86_64
087fb2465422f9a986058ea7ef94805f corporate/3.0/x86_64/expect-8.4.5-3.2.C30mdk.x86_64.rpm da7a9ad6f31bf88c450d1a420622eecb corporate/3.0/x86_64/itcl-8.4.5-3.2.C30mdk.x86_64.rpm 86e4f3730cb0df460e4046e145e6f23d corporate/3.0/x86_64/tcl-8.4.5-3.2.C30mdk.x86_64.rpm a11c191d79f26ee41f0b3409e7ff9f45 corporate/3.0/x86_64/tcllib-8.4.5-3.2.C30mdk.x86_64.rpm c7aacd94b3ffcf5d08b0f849ff11c2fd corporate/3.0/x86_64/tclx-8.4.5-3.2.C30mdk.x86_64.rpm b8d04ce8ef73561878c872ecf648cccc corporate/3.0/x86_64/tix-8.4.5-3.2.C30mdk.x86_64.rpm 422837916e450af91a6138cc1b9d293a corporate/3.0/x86_64/tk-8.4.5-3.2.C30mdk.x86_64.rpm 77bfafd2bc669a44229c98235d9d7ddf corporate/3.0/SRPMS/tcltk-8.4.5-3.2.C30mdk.src.rpm
2008.0 x86_64
8600972bc80fe3d7dd4c38996fd3ebaf 2008.0/x86_64/lib64tk-devel-8.5a6-8.2mdv2008.0.x86_64.rpm afc55de6e27641bb41ddeff756f5fd7e 2008.0/x86_64/lib64tk8.5-8.5a6-8.2mdv2008.0.x86_64.rpm ea6772c14e7ff43edf66c8b11cdb9220 2008.0/x86_64/tk-8.5a6-8.2mdv2008.0.x86_64.rpm 5bf712675013ea0217a40b88b250eec6 2008.0/SRPMS/tk-8.5a6-8.2mdv2008.0.src.rpm
CS3.0 i586
3b1d115b2af8da6031f9516258ff6189 corporate/3.0/i586/expect-8.4.5-3.2.C30mdk.i586.rpm e7f0b7e434eeb9c0e610b9243a7a77f2 corporate/3.0/i586/itcl-8.4.5-3.2.C30mdk.i586.rpm 8994456be1907adba99f888605eeb9b0 corporate/3.0/i586/tcl-8.4.5-3.2.C30mdk.i586.rpm 559e5c236040dd10c97d68029471a2db corporate/3.0/i586/tcllib-8.4.5-3.2.C30mdk.i586.rpm 806fee7439ca70c4c3a07b452e235b6e corporate/3.0/i586/tclx-8.4.5-3.2.C30mdk.i586.rpm b43dfda12ad3b87ba08d2fe251f9b789 corporate/3.0/i586/tix-8.4.5-3.2.C30mdk.i586.rpm c0def25f6136448cec4b5f76c9ef7768 corporate/3.0/i586/tk-8.4.5-3.2.C30mdk.i586.rpm 77bfafd2bc669a44229c98235d9d7ddf corporate/3.0/SRPMS/tcltk-8.4.5-3.2.C30mdk.src.rpm
2008.0 i586
e508b67d8677e460b82fef4ca62cad11 2008.0/i586/libtk-devel-8.5a6-8.2mdv2008.0.i586.rpm 35fce37958832c7edbf4e8f2d63c9a72 2008.0/i586/libtk8.5-8.5a6-8.2mdv2008.0.i586.rpm c6a98c234a266e8f598261fd083efb66 2008.0/i586/tk-8.5a6-8.2mdv2008.0.i586.rpm 5bf712675013ea0217a40b88b250eec6 2008.0/SRPMS/tk-8.5a6-8.2mdv2008.0.src.rpm
2007.1 x86_64
38bc8310c8500041edaa37c96947c2ad 2007.1/x86_64/lib64tk8.4-8.4.14-1.2mdv2007.1.x86_64.rpm aa08bf6f098a79dc2c788f646891cc9c 2007.1/x86_64/lib64tk8.4-devel-8.4.14-1.2mdv2007.1.x86_64.rpm 110f8dfe0cabf73be25c5199c6a6573a 2007.1/x86_64/tk-8.4.14-1.2mdv2007.1.x86_64.rpm a84a7d5dec8ce5863e6a9b95f947522c 2007.1/SRPMS/tk-8.4.14-1.2mdv2007.1.src.rpm