Nom du paquet
netpbm
Date
2004-09-27
Advisory ID
MDKSA-2004:011-1
Affected versions
9.2 amd64 , CS2.1 x86_64 , 10.0 amd64 , CS2.1 i586 , 10.0 i586 , 9.2 i586 , MNF8.2 i586

Problem description

A number of temporary file bugs have been found in versions of NetPBM. These could allow a local user the ability to overwrite or create files as a different user who happens to run one of the the vulnerable utilities. Update: The patch applied made some calls to the mktemp utility with an incorrect parameter which prevented mktemp from creating temporary files in some scripts.

Updated packages

9.2 amd64

 4e2fd5df02fbfef8e5ec484be5d22622  amd64/9.2/RPMS/lib64netpbm9-9.24-7.2.92mdk.amd64.rpm
7d4123a267de978bf4322a8f6f2ecef9  amd64/9.2/RPMS/lib64netpbm9-devel-9.24-7.2.92mdk.amd64.rpm
af40bee2668388feb78ae030ad37d4a1  amd64/9.2/RPMS/lib64netpbm9-static-devel-9.24-7.2.92mdk.amd64.rpm
fb0a1ecc6d9794c07189e4eda5e75e03  amd64/9.2/RPMS/netpbm-9.24-7.2.92mdk.amd64.rpm
65bba0bffa3946b1979eb768fbd00da5  amd64/9.2/SRPMS/netpbm-9.24-7.2.92mdk.src.rpm

CS2.1 x86_64

 79e0e7aa77fd1badffef87c7302c9603  x86_64/corporate/2.1/RPMS/libnetpbm9-9.24-4.3.C21mdk.x86_64.rpm
25f00ef0a339d778fca62d94a9e01912  x86_64/corporate/2.1/RPMS/libnetpbm9-devel-9.24-4.3.C21mdk.x86_64.rpm
2f9d8c68325d46eb0bca42793b22764f  x86_64/corporate/2.1/RPMS/libnetpbm9-static-devel-9.24-4.3.C21mdk.x86_64.rpm
5fe14cbf7c5de9324f62731e52da11fa  x86_64/corporate/2.1/RPMS/netpbm-9.24-4.3.C21mdk.x86_64.rpm
20ec2e6d37a313d2fc7ecb8a572984de  x86_64/corporate/2.1/SRPMS/netpbm-9.24-4.3.C21mdk.src.rpm

10.0 amd64

 3f52a5ec20f70d2d3707dca32a0367af  amd64/10.0/RPMS/lib64netpbm9-9.24-8.1.100mdk.amd64.rpm
cac2d45fc30a3c6b0198ee0e39814602  amd64/10.0/RPMS/lib64netpbm9-devel-9.24-8.1.100mdk.amd64.rpm
f467ef407bfe3aac0c7da250b1c7b44f  amd64/10.0/RPMS/lib64netpbm9-static-devel-9.24-8.1.100mdk.amd64.rpm
429293f713cf017a4307f0fbbd6f55e7  amd64/10.0/RPMS/netpbm-9.24-8.1.100mdk.amd64.rpm
2448d2f88564908846d222cee8613901  amd64/10.0/SRPMS/netpbm-9.24-8.1.100mdk.src.rpm

CS2.1 i586

 88e8553960764a60c060673a8d61753d  corporate/2.1/RPMS/libnetpbm9-9.24-4.3.C21mdk.i586.rpm
edf38be60b8aeb5d354b8a046c85026d  corporate/2.1/RPMS/libnetpbm9-devel-9.24-4.3.C21mdk.i586.rpm
9409a93ec5e8f87de5220304e3b0cc5d  corporate/2.1/RPMS/libnetpbm9-static-devel-9.24-4.3.C21mdk.i586.rpm
cd00f1dfc00f9c5dbf504d4170398cd6  corporate/2.1/RPMS/netpbm-9.24-4.3.C21mdk.i586.rpm
20ec2e6d37a313d2fc7ecb8a572984de  corporate/2.1/SRPMS/netpbm-9.24-4.3.C21mdk.src.rpm

10.0 i586

 937ca333666cb5758fa86990fb4145d5  10.0/RPMS/libnetpbm9-9.24-8.1.100mdk.i586.rpm
c48c94c4b6006788c8e97d03f0a2c315  10.0/RPMS/libnetpbm9-devel-9.24-8.1.100mdk.i586.rpm
01f917f9b4fd32f252641b87d25f455f  10.0/RPMS/libnetpbm9-static-devel-9.24-8.1.100mdk.i586.rpm
7d59875f1017a7cdc8f67be4c91a5c9b  10.0/RPMS/netpbm-9.24-8.1.100mdk.i586.rpm
2448d2f88564908846d222cee8613901  10.0/SRPMS/netpbm-9.24-8.1.100mdk.src.rpm

9.2 i586

 d0f1cce584ebd07a271a5d0293b89c39  9.2/RPMS/libnetpbm9-9.24-7.2.92mdk.i586.rpm
14896f0ced9d2fc43fb28861ca90c3a8  9.2/RPMS/libnetpbm9-devel-9.24-7.2.92mdk.i586.rpm
9cdec874ed8d385e71fcee4d34fac4e3  9.2/RPMS/libnetpbm9-static-devel-9.24-7.2.92mdk.i586.rpm
5e4cdad5770f15c402d78d98cd7da4c7  9.2/RPMS/netpbm-9.24-7.2.92mdk.i586.rpm
65bba0bffa3946b1979eb768fbd00da5  9.2/SRPMS/netpbm-9.24-7.2.92mdk.src.rpm

MNF8.2 i586

 40d8884fc4d63ba064e5325d6e01352e  mnf8.2/RPMS/libnetpbm9-9.20-2.3.M82mdk.i586.rpm
2006197d0c75b9a9e371a4068396043d  mnf8.2/RPMS/netpbm-9.20-2.3.M82mdk.i586.rpm
0ea855945e99fd3f625b32a1393d8712  mnf8.2/SRPMS/netpbm-9.20-2.3.M82mdk.src.rpm

References