Subject: Updated mozilla package for LBA-Linux R1
Advisory ID: LBASA-2004:32
Date: Sunday, September 12, 2004
Product: LBA-Linux R1
Problem description:
During a source code audit, Chris Evans discovered a buffer
overflow and integer overflows which affect the libpng code inside
Mozilla. An attacker could create a carefully crafted PNG file in
such a way that it would cause Mozilla to crash or execute
arbitrary code when the image was viewed. (CAN-2004-0597,
CAN-2004-0599)
Subject: Updated cdrecord package for LBA-Linux R1
Advisory ID: LBASA-2004:33
Date: Tuesday, September 14, 2004
Product: LBA-Linux R1
Problem description:
Max Vozeler found that the cdrecord program, which is suid root,
fails to drop euid=0 when it exec()s a program specified by the
user through the $RSH environment variable. This can be abused by a
local attacker to obtain root privileges.
Subject: Updated imlib package for LBA-Linux R1
Advisory ID: LBASA-2004:35
Date: Wednesday, September 15, 2004
Product: LBA-Linux R1
Problem description:
Several heap overflow vulnerabilities have been found in the
imlib BMP image handler. An attacker could create a carefully
crafted BMP file in such a way that it would cause an application
linked with imlib to execute arbitrary code when the file was
opened by a victim. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2004-0817 to this issue.