|
|
| Problem Description |
A buffer overflow in the giftopnm utility in netpbm prior to version
10.27 could allow attackers to have an unknown impact via a specially
crafted GIF file.
The updated packages have been patched to correct this issue.
| Updated Packages |
Corporate Server 3.0
a1229db35f2dd0edb45ecf42844fbdd5 corporate/3.0/i586/libnetpbm9-9.24-8.4.C30mdk.i586.rpm b69c7957841b97e6efe2246abc0445b5 corporate/3.0/i586/libnetpbm9-devel-9.24-8.4.C30mdk.i586.rpm 74e8149929edd4a38bc336a6e6ad815e corporate/3.0/i586/libnetpbm9-static-devel-9.24-8.4.C30mdk.i586.rpm 4b24aeaba17c33acc1984d972951e6e0 corporate/3.0/i586/netpbm-9.24-8.4.C30mdk.i586.rpm 09a57b241725ddc94de7aa784cbdcf23 corporate/3.0/SRPMS/netpbm-9.24-8.4.C30mdk.src.rpm
Corporate Server 3.0/X86_64
5826a02ad4a790a7f0267babd6d07c7b corporate/3.0/x86_64/lib64netpbm9-9.24-8.4.C30mdk.x86_64.rpm 5a878ca5fdfac52fa1982349f067184a corporate/3.0/x86_64/lib64netpbm9-devel-9.24-8.4.C30mdk.x86_64.rpm ee63faa77fbc7f5cf5fdad8b50211297 corporate/3.0/x86_64/lib64netpbm9-static-devel-9.24-8.4.C30mdk.x86_64.rpm 26953a92ce395301140d6eaab20f36c9 corporate/3.0/x86_64/netpbm-9.24-8.4.C30mdk.x86_64.rpm 09a57b241725ddc94de7aa784cbdcf23 corporate/3.0/SRPMS/netpbm-9.24-8.4.C30mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0554
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.