Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-98
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 27 Dec 2005
 Last revised: 27 Dec 2005

 Package: gdk-pixbuf

 Summary: Integer overflow

 More information:
    The GdkPixBuf library provides a number of features.
    Multiple vulnerabilities have been discovered in the handling of libXpm
    for gdk-pixbuf.

 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary
    code via malformed XPM image files.

 Affected Products:
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal

 Solution:
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home,
  Turbolinux Multimedia, Turbolinux Personal]
 # turbopkg
 or
 # zabom -u gdk-pixbuf gdk-pixbuf-devel
 ---------------------------------------------


 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   gdk-pixbuf-0.22.0-7.src.rpm
       412324 3c6ccbe808c2ba05576d8f1f0b651e71

   Binary Packages
   Size: MD5

   gdk-pixbuf-0.22.0-7.i686.rpm
       222053 1f17cdd0fb342c42ac51b180cc8ca1a8
   gdk-pixbuf-devel-0.22.0-7.i686.rpm
       189081 c11b79d00a881d32e15d05187f68a3d0

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/gdk-pixbuf-0.22.0-7.src.rpm
       412324 ef685431ad0f13e0d388c194b70f23a7

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/gdk-pixbuf-0.22.0-7.x86_64.rpm
       200715 b0ec4b5cfa1a7c32eed49607c8431a3f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/gdk-pixbuf-devel-0.22.0-7.x86_64.rpm
       153935 c88445a2fdd3bdddac0197d9b512c941

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/gdk-pixbuf-0.22.0-7.src.rpm
       412324 3e623ef99fd1a0274781637f5af0f176

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/gdk-pixbuf-0.22.0-7.i586.rpm
       187748 a8d35a822a43d2aed1bd4e76104018ab
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/gdk-pixbuf-devel-0.22.0-7.i586.rpm
       149195 ce1a4cd8c375899d14e5b8467d9c3ecc

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/gdk-pixbuf-0.22.0-7.src.rpm
       412324 8a485e97014d78ca43e45abdd124c412

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/gdk-pixbuf-0.22.0-7.i586.rpm
       188170 6f7a4c7918d14442780ff5c9692bd7b6
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/gdk-pixbuf-devel-0.22.0-7.i586.rpm
       149130 807824b68749b9958d96250db83a17f1


 References:

 CVE
   [CAN-2005-2976]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2976
   [CAN-2005-3186]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3186
 

 --------------------------------------------------------------------------
 Revision History
    27 Dec 2005 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2005 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFDsMhMK0LzjOqIJMwRAt6QAKCcRIDQQTKFiOrTpm6TKa/UWgmFpgCfQMr7
w9c9s4uxc0ghrsE2l29iXwg=
=ihJf
-----END PGP SIGNATURE-----




© 1998-2024 E-Soft Inc. All rights reserved.