Debian GNU/Linux
Debian Security Advisory DSA 913-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
December 1st, 2005 http://www.debian.org/security/faq
Package : gdk-pixbuf
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2005-2975 CVE-2005-2976 CVE-2005-3186
BugTraq ID : 15428
Debian Bug : 339431
Several vulnerabilities have been found in gdk-pixbuf, the Gtk+
GdkPixBuf XPM image rendering library. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2005-2975
Ludwig Nussel discovered an infinite loop when processing XPM
images that allows an attacker to cause a denial of service via a
specially crafted XPM file.
CVE-2005-2976
Ludwig Nussel discovered an integer overflow in the way XPM
images are processed that could lead to the execution of arbitrary
code or crash the application via a specially crafted XPM file.
CVE-2005-3186
“infamous41md” discovered an integer in the XPM processing
routine that can be used to execute arbitrary code via a
traditional heap overflow.
The following matrix explains which versions fix these
problems:
| old stable (woody) | stable (sarge) | unstable (sid) | |
| gdk-pixbuf | 0.17.0-2woody3 | 0.22.0-8.1 | 0.22.0-11 |
| gtk+2.0 | 2.0.2-5woody3 | 2.6.4-3.1 | 2.6.10-2 |
We recommend that you upgrade your gdk-pixbuf packages.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0-2woody3.dsc
Size/MD5 checksum: 706
148ab895e798cb66959ae0bf7c725424
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0-2woody3.diff.gz
Size/MD5 checksum: 20031
7851718d740e6e6a629e462b87269234
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.17.0.orig.tar.gz
Size/MD5 checksum: 547194
021914ad9104f265527c28220315e542
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_alpha.deb
Size/MD5 checksum: 177066
edf14dd71b77d893ca27c7768dd0a9f4
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_alpha.deb
Size/MD5 checksum: 9730
52bcd65497f80d9f9b649f2dff012436
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_alpha.deb
Size/MD5 checksum: 8874
1d7cfd64edf8fc05888e608bbba6edc9
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_alpha.deb
Size/MD5 checksum: 193844
d20a90a4252d8f9ada81eb07b9798f25
ARM architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_arm.deb
Size/MD5 checksum: 156918
7a96bcd45ce4b637283c2b966c1fbbbc
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_arm.deb
Size/MD5 checksum: 8146
b1081dd21eadff238d9b411a71487759
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_arm.deb
Size/MD5 checksum: 7282
b65d0f3169de9ff0bd73289de74be475
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_arm.deb
Size/MD5 checksum: 161486
96ab7f9daf68d8f5317cf8e633e2da29
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_i386.deb
Size/MD5 checksum: 147604
45fbdaa219558095236d758b15ab8da0
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_i386.deb
Size/MD5 checksum: 7602
b0d9ed0671ea6b4abc1311c3b50c2821
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_i386.deb
Size/MD5 checksum: 7142
e125861f4de9b5958e47336332532408
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_i386.deb
Size/MD5 checksum: 151634
8db98edeeeceddca00ab90d23a3377fd
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_ia64.deb
Size/MD5 checksum: 194976
de93fe82b55f27ae64566d9946d0fee9
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_ia64.deb
Size/MD5 checksum: 11016
11b9ec958564155bf58ecef0ce38621f
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_ia64.deb
Size/MD5 checksum: 11076
d425f1ddd7dda9a2b09816976e365da8
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_ia64.deb
Size/MD5 checksum: 229474
69ad68e6ed5ea88df1abdf954e26dfa4
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_hppa.deb
Size/MD5 checksum: 181324
e3543dc0a15a94e57946647fdc777791
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_hppa.deb
Size/MD5 checksum: 9638
b392986cc6d6ddf24a47589f9fc78b5b
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_hppa.deb
Size/MD5 checksum: 9316
3be84377508b98df8f700885dc0bcb13
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_hppa.deb
Size/MD5 checksum: 190026
4741d1df4e66ba1a90758a44a68123ab
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_m68k.deb
Size/MD5 checksum: 142140
505be04e8005f316259cad3025d599c3
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_m68k.deb
Size/MD5 checksum: 7306
3967ebf6db8793d6a86fd294af843260
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_m68k.deb
Size/MD5 checksum: 7016
fb75b5d4d20a3a9f497a154622071d12
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_m68k.deb
Size/MD5 checksum: 156574
12a13ab0e1bd6aa4557d52e433ce0128
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_mips.deb
Size/MD5 checksum: 167564
44823af863fa6eaea95bec78a78f3c48
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_mips.deb
Size/MD5 checksum: 9566
722001dea6d4386afdcaa5503a2734f4
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_mips.deb
Size/MD5 checksum: 8274
8400f88e4c1ccf9d0a0fc1cdfd160818
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_mips.deb
Size/MD5 checksum: 165456
e8f367d5b275641cac0dcdb78dd8b847
Little endian MIPS architecture:
Size/MD5 checksum: 168088
27fe81d3e0d259d0b2f9f1d0cb6b20c3
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_mipsel.deb
Size/MD5 checksum: 9482
4d21b6c2528e39207b4e161ffc9f8bce
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_mipsel.deb
Size/MD5 checksum: 8116
5465609ebc24647a0bb8cce0b855c04a
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_mipsel.deb
Size/MD5 checksum: 165596
9a1e6e006eccecd83d1531e22a5eb69c
PowerPC architecture:
Size/MD5 checksum: 166132
cda8b87f950b3711955c8e3124ee40e1
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_powerpc.deb
Size/MD5 checksum: 9246
6823a85cd60349e4ba10e24884a173fd
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_powerpc.deb
Size/MD5 checksum: 8072
b57e887073c448885cba21df750f7b3c
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_powerpc.deb
Size/MD5 checksum: 171316
d343436d579fbb1a359e076b84480114
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_s390.deb
Size/MD5 checksum: 153500
4e03bafc909b4461adead1162b7b2621
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_s390.deb
Size/MD5 checksum: 7866
20eb416547214564d687c6e1b6dc0d81
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_s390.deb
Size/MD5 checksum: 7564
bc0b59ddcb29b96cbbe839d881a419e2
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_s390.deb
Size/MD5 checksum: 167510
59c3f71ee91508e678a66bf28c983f82
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.17.0-2woody3_sparc.deb
Size/MD5 checksum: 161136
aa671663e7343c7f7f8b47960b558f11
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.17.0-2woody3_sparc.deb
Size/MD5 checksum: 8270
2f7862d0a6f2f98b0d4c6e3e0b6929df
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.17.0-2woody3_sparc.deb
Size/MD5 checksum: 7502
97aac947b5168472b1ab4a6a0399d1c1
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.17.0-2woody3_sparc.deb
Size/MD5 checksum: 167184
9d79c42f3dcba5026069b15e742aafdd
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.dsc
Size/MD5 checksum: 709
7a800a91469430a28ab1900ebb92ba83
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.diff.gz
Size/MD5 checksum: 372331
20d149f93e8093e4dbb365e9278ce741
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0.orig.tar.gz
Size/MD5 checksum: 519266
4db0503b5a62533db68b03908b981751
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_alpha.deb
Size/MD5 checksum: 185780
fbfdd560a6b3591165a757797198e931
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_alpha.deb
Size/MD5 checksum: 10376
3b5273e0e21ee40c5d540a22ff91b99a
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_alpha.deb
Size/MD5 checksum: 8650
c5d672403f8038129d35022515e8a339
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_alpha.deb
Size/MD5 checksum: 205704
22b1261a845cea95520acd68cf6e74ec
AMD64 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_amd64.deb
Size/MD5 checksum: 155358
8653e4d9403ff7baeefbc7c955b83eb7
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_amd64.deb
Size/MD5 checksum: 8474
ffad5870291f93584f70fa7645b54bdd
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_amd64.deb
Size/MD5 checksum: 7942
d32005b5de994f10f15dfb91a6caf507
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_amd64.deb
Size/MD5 checksum: 183366
6304fdc084b9e2ec433712b091e497c5
ARM architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_arm.deb
Size/MD5 checksum: 153978
e13ef5dd0694f3d0cc5836d2fdbddec0
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_arm.deb
Size/MD5 checksum: 8126
4ef59c62c86c0d567929d0e88fd4ebb9
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_arm.deb
Size/MD5 checksum: 7076
ccc7721296431294a6a657ec5c4bf2a7
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_arm.deb
Size/MD5 checksum: 171352
afe13217c5566e0ecf26950bc9b2f4b5
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
Size/MD5 checksum: 150416
0f2d4af07ce624a4fa3af2e0964e91a3
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
Size/MD5 checksum: 7860
4e0d60fa4cebefe5c434fbe2e5bf16e6
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
Size/MD5 checksum: 7354
3b6d8fc4ebc1314a35c307dd51ec1e1f
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_i386.deb
Size/MD5 checksum: 172140
0f6b383d15e21f02a9db0f3b58d31864
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_ia64.deb
Size/MD5 checksum: 196584
25c9be6f81524a4641c8b7faf3f14b48
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_ia64.deb
Size/MD5 checksum: 10860
a04397bc288e8abe6f8094ac5cdfc8a8
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_ia64.deb
Size/MD5 checksum: 10544
97dec60626ea52e0ce3adf5df0619228
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_ia64.deb
Size/MD5 checksum: 232546
973a9a9a079936e682fe352dfb2eae0a
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_hppa.deb
Size/MD5 checksum: 173056
0960b569e9cc3c6533e4a2394b56b18a
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_hppa.deb
Size/MD5 checksum: 9238
5699f6b933217187a165956a4adcf8c9
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_hppa.deb
Size/MD5 checksum: 9070
e82facecfb3184345b797176110c8795
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_hppa.deb
Size/MD5 checksum: 201596
df67a873b1f1781b5418479802780074
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_m68k.deb
Size/MD5 checksum: 137808
855cd148e584d2a47e15b893bc771076
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_m68k.deb
Size/MD5 checksum: 7114
1c2ffc6287c76e8b656ac4cc8cb45197
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_m68k.deb
Size/MD5 checksum: 6822
b23f138f206443979bef0f0d16429e9f
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_m68k.deb
Size/MD5 checksum: 168122
fec535c555ffcec871f015251bb5d392
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_mips.deb
Size/MD5 checksum: 166212
c3648e5b7be69cb95dd162d1532a4064
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_mips.deb
Size/MD5 checksum: 9512
c4b9a6a610d879af5986eabeb819bd44
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_mips.deb
Size/MD5 checksum: 8084
af031e50f98a270977aac6d3f60c37aa
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_mips.deb
Size/MD5 checksum: 178910
0538e2bfe12f9fcd0d9b391adc4ca403
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_mipsel.deb
Size/MD5 checksum: 167032
2739863166ce8ccdd7a289e47ce94e8f
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_mipsel.deb
Size/MD5 checksum: 9544
cdd63315a97c0ff14fa6982811d25ac4
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_mipsel.deb
Size/MD5 checksum: 8058
a7fee13884e082a5c0646c6723e757f4
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_mipsel.deb
Size/MD5 checksum: 180220
d15b93b2235a05eeba9ab2fdce88327e
PowerPC architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_powerpc.deb
Size/MD5 checksum: 163132
8562f340ba8cba0079fa6c36a5c3a384
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_powerpc.deb
Size/MD5 checksum: 9170
cd1fe56377a4313d54bbce1622c5f10f
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_powerpc.deb
Size/MD5 checksum: 9526
c9f4119ba2c4b9b2a00fd0b44b01358c
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_powerpc.deb
Size/MD5 checksum: 192594
3adc981ada6481239fc3c61af7781da2
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_s390.deb
Size/MD5 checksum: 164994
c92cd17bdead77f5ab59a314208d07ea
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_s390.deb
Size/MD5 checksum: 8168
e4bce7d526b10a608e6238d0fb602131
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_s390.deb
Size/MD5 checksum: 7802
551bdf573b50cff118ff68360a249630
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_s390.deb
Size/MD5 checksum: 184668
d0917c0875e16ab54637f1ac1c299208
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_sparc.deb
Size/MD5 checksum: 155602
8c2980db112716debc75371df0ae3e3a
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_sparc.deb
Size/MD5 checksum: 8130
462d2e5c734a69f942dd73d67224f3d4
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_sparc.deb
Size/MD5 checksum: 7304
4935a0b91d3056e28b8375d99a13181c
http://security.debian.org/pool/updates/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_sparc.deb
Size/MD5 checksum: 174592
93b600efa8160007aa687eb67b63b141
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 914-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
December 1st, 2005 http://www.debian.org/security/faq
Package : horde2
Vulnerability : missing input sanitising
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3570
BugTraq ID : 15409
Debian Bug : 338983
A vulnerability has been discovered in horde2, a web application
suite, that allows attackers to insert arbitary script code into
the error web page.
The old stable distribution (woody) does not contain horde2
packages.
For the stable distribution (sarge) this problem has been fixed
in version 2.2.8-1sarge1.
For the unstable distribution (sid) this problem has been fixed
in version 2.2.9-1.
We recommend that you upgrade your horde2 package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1.dsc
Size/MD5 checksum: 575
fc3d76af255dd93e839ed24cf7c3ba84
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1.diff.gz
Size/MD5 checksum: 38308
d87c50a15c7133ba4ca29d99c77d5da1
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8.orig.tar.gz
Size/MD5 checksum: 683005
89961af4e4488a908147d7b3a0dc3b44
Architecture independent components:
http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge1_all.deb
Size/MD5 checksum: 721182
761d84ac7f89eef150fa21c8b0c79541
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>
Fedora Core
Fedora Update Notification
FEDORA-2005-1113
2005-12-01
Product : Fedora Core 4
Name : perl
Version : 5.8.6
Release : 18
Summary : The Perl programming language.
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting. Perl is good at handling processes and files,
and is especially good at handling text. Perl’s hallmarks are
practicality and efficiency. While it is used to do a lot of
different things, Perl’s most common applications are system
administration utilities and web programming. A large proportion of
the CGI scripts on the web are written in Perl. You need the perl
package installed on your system so that your system can handle
Perl scripts.
Install this package if you want to program in Perl or enable
your system to handle Perl scripts.
Update Information:
Fixed CVE-2005-3962 / CVE-2005-3912:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912
backported upstream patch #26240
- Thu Dec 1 2005 Jason Vas Dias <jvdias@redhat.com> –
3:5.8.6-18- fix bug 174684 / CVE-2005-3962: sprintf integer overflow
vulnerability backported upstream patch #26240
- fix bug 174684 / CVE-2005-3962: sprintf integer overflow
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
aa078272889a851aeaf38ff508f89872 SRPMS/perl-5.8.6-18.src.rpm
7e93837ef07b54f5c7c6e7d8b0b20ceb ppc/perl-5.8.6-18.ppc.rpm
0cfeefee1aa0d3c855d6b30fb4760d85
ppc/perl-suidperl-5.8.6-18.ppc.rpm
86f0ba709fdca4f3e8751e13f7612fdb
ppc/debug/perl-debuginfo-5.8.6-18.ppc.rpm
6c984a1b3fd930daf5f2662aec10591f
x86_64/perl-5.8.6-18.x86_64.rpm
668ff28c97874e5624f87ee1a54f9e21
x86_64/perl-suidperl-5.8.6-18.x86_64.rpm
fd9bc2eb001abfddbaa0c7880909e065
x86_64/debug/perl-debuginfo-5.8.6-18.x86_64.rpm
896fedda91d64cdd2fcd52590b856eee i386/perl-5.8.6-18.i386.rpm
2e1d33e6d271418977a573e3e511e88b
i386/perl-suidperl-5.8.6-18.i386.rpm
f615e50d08621f2986a8994416e1d36e
i386/debug/perl-debuginfo-5.8.6-18.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.