Support / Security / Advisories / Corporate Server 3.0 / MDVSA-2008:039

Package name: netpbm
Date: 2008-02-07
Advisory ID: MDVSA-2008:039
Affected versions: CS3.0 i586 , CS3.0 x86_64

Problem description

A buffer overflow in the giftopnm utility in netpbm prior to version
10.27 could allow attackers to have an unknown impact via a specially
crafted GIF file.

The updated packages have been patched to correct this issue.

Updated packages

CS3.0 i586

 a1229db35f2dd0edb45ecf42844fbdd5  corporate/3.0/i586/libnetpbm9-9.24-8.4.C30mdk.i586.rpm
 b69c7957841b97e6efe2246abc0445b5  corporate/3.0/i586/libnetpbm9-devel-9.24-8.4.C30mdk.i586.rpm
 74e8149929edd4a38bc336a6e6ad815e  corporate/3.0/i586/libnetpbm9-static-devel-9.24-8.4.C30mdk.i586.rpm
 4b24aeaba17c33acc1984d972951e6e0  corporate/3.0/i586/netpbm-9.24-8.4.C30mdk.i586.rpm 
 09a57b241725ddc94de7aa784cbdcf23  corporate/3.0/SRPMS/netpbm-9.24-8.4.C30mdk.src.rpm

CS3.0 x86_64

 5826a02ad4a790a7f0267babd6d07c7b  corporate/3.0/x86_64/lib64netpbm9-9.24-8.4.C30mdk.x86_64.rpm
 5a878ca5fdfac52fa1982349f067184a  corporate/3.0/x86_64/lib64netpbm9-devel-9.24-8.4.C30mdk.x86_64.rpm
 ee63faa77fbc7f5cf5fdad8b50211297  corporate/3.0/x86_64/lib64netpbm9-static-devel-9.24-8.4.C30mdk.x86_64.rpm
 26953a92ce395301140d6eaab20f36c9  corporate/3.0/x86_64/netpbm-9.24-8.4.C30mdk.x86_64.rpm 
 09a57b241725ddc94de7aa784cbdcf23  corporate/3.0/SRPMS/netpbm-9.24-8.4.C30mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0554