---

Home Security

Advisories: November 15, 2005

By

Debian GNU/Linux

Debian Security Advisory DSA 896-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
November 15th, 2005 http://www.debian.org/security/faq

Package : linux-ftpd-ssl
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3524
Debian Bug : 339074

A buffer overflow has been discovered in ftpd-ssl, a simple BSD
FTP server with SSL encryption support, that could lead to the
execution of arbitrary code.

The old stable distribution (woody) does not contain
linux-ftpd-ssl packages.

For the stable distribution (sarge) this problem has been fixed
in version 0.17.18+0.3-3sarge1

For the unstable distribution (sid) this problem will be fixed
soon.

We recommend that you upgrade your ftpd-ssl package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/linux-ftpd-ssl_0.17.18+0.3-3sarge1.dsc

      Size/MD5 checksum: 640
f1999dff20d8e5c7bebbdf3ae08d9fbc
    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/linux-ftpd-ssl_0.17.18+0.3-3sarge1.diff.gz

      Size/MD5 checksum: 5157
bb183553291a97a7505dd3eba1ee28aa
    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/linux-ftpd-ssl_0.17.18+0.3.orig.tar.gz

      Size/MD5 checksum: 61388
525f77ad02c5593fa4c5cad9abc337b7

Alpha architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_alpha.deb

      Size/MD5 checksum: 55448
5e4b657d47730305099a47ec2d8c84df

AMD64 architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_amd64.deb

      Size/MD5 checksum: 50938
87ab0d101dc0e1c14d38888231abf11f

ARM architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_arm.deb

      Size/MD5 checksum: 49478
d964f72a931cee99c560c1f348b9f733

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_i386.deb

      Size/MD5 checksum: 48598
6092dcf5345c383959b9b8b3a9d9b65f

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_ia64.deb

      Size/MD5 checksum: 65312
1f80c1ef53e6151a8d7df0ed0f2160cb

HP Precision architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_hppa.deb

      Size/MD5 checksum: 53384
a247343d426eb9ecff838905432943d8

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_m68k.deb

      Size/MD5 checksum: 46112
bedd079aca908ad7f31f7fb8fe0ecab7

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_mips.deb

      Size/MD5 checksum: 52262
fe07040d4d3db4fe2cd4e02c873131ee

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_mipsel.deb

      Size/MD5 checksum: 52074
5b1e112532d8b07ab278d036515d85d3

PowerPC architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_powerpc.deb

      Size/MD5 checksum: 52050
bd09d568c4e634670c698dbe33cd4775

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_s390.deb

      Size/MD5 checksum: 51862
d4cb84830ca8a631ed5e08344e286b18

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/l/linux-ftpd-ssl/ftpd-ssl_0.17.18+0.3-3sarge1_sparc.deb

      Size/MD5 checksum: 48822
d47e7a161940d64f82a7edb87df7ff3e

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 897-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
November 15th, 2005 http://www.debian.org/security/faq

Package : phpsysinfo
Vulnerability : programming errors
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2005-0870 CVE-2005-3347 CVE-2005-3348
Debian Bug : 301118

Several vulnerabilities have been discovered in phpsysinfo, a
PHP based host information application. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2005-0870

Maksymilian Arciemowicz discoverd several cross site scripting
problems, of which not all were fixed in DSA 724.

CVE-2005-3347

Christopher Kunz discovered that local variables get overwritten
unconditionally and are trusted later, which could lead to the
inclusion of arbitrary files.

CVE-2005-3348

Christopher Kunz discovered that user-supplied input is used
unsanitised, causing a HTTP Response splitting problem.

For the old stable distribution (woody) these problems have been
fixed in version 2.0-3woody3.

For the stable distribution (sarge) these problems have been
fixed in version 2.3-4sarge1.

For the unstable distribution (sid) these problems will be fixed
soon.

We recommend that you upgrade your phpsysinfo package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3.dsc

      Size/MD5 checksum: 622
c6fe8cc0dece352dead56f7319e37191
    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3.diff.gz

      Size/MD5 checksum: 3091
e7ce790076394c0fc0ddd9bc2fba23cf
    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0.orig.tar.gz

      Size/MD5 checksum: 48104
abd184ebc003aeba07d9945bb9c6ff0f

Architecture independent components:

    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3_all.deb

      Size/MD5 checksum: 42334
4991a7c22521888a9aba3db88e79b6ce

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1.dsc

      Size/MD5 checksum: 596
12c1913a974e30596f07729d8fb660f9
    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1.diff.gz

      Size/MD5 checksum: 9861
0b621fec1be1e26a5dfa160ce9612aac
    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3.orig.tar.gz

      Size/MD5 checksum: 163674
8e9a2b7a099e26cbd85f140475512ccc

Architecture independent components:

    http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1_all.deb

      Size/MD5 checksum: 164704
2ef5fb9eb652f24ecae3f5aa4967fa3d

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Fedora Core

Fedora Update Notification
FEDORA-2005-1085
2005-11-15

Product : Fedora Core 4
Name : gdk-pixbuf
Version : 0.22.0
Release : 18.fc4.2
Summary : An image loading library used with GNOME.

Description :
The gdk-pixbuf package contains an image loading library used with
the GNOME GUI desktop environment. The GdkPixBuf library provides
image loading facilities, the rendering of a GdkPixBuf into various
formats (drawables or GdkRGB buffers), and a cache interface.

Update Information:

The gdk-pixbuf package contains an image loading library used
with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes XPM images. An
attacker could create a carefully crafted XPM file in such a way
that it could cause an application linked with gdk-pixbuf to
execute arbitrary code when the file was opened by a victim. The
Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-3186 to this issue.

Ludwig Nussel discovered an integer overflow bug in the way
gdk-pixbuf processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause an
application linked with gdk-pixbuf to execute arbitrary code or
crash when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-2976 to this issue.

Ludwig Nussel also discovered an infinite-loop denial of service
bug in the way gdk-pixbuf processes XPM images. An attacker could
create a carefully crafted XPM file in such a way that it could
cause an application linked with gdk-pixbuf to stop responding when
the file was opened by a victim. The Common Vulnerabilities and
Exposures project has assigned the name CVE-2005-2975 to this
issue.

Users of gdk-pixbuf are advised to upgrade to these updated
packages, which contain backported patches and are not vulnerable
to these issues.

  • Mon Oct 31 2005 Matthias Clasen <mclasen@redhat.com> –
    1:0.22.0-18.fc4.2

    • Prevent another integer overflow in the xpm loader (#171901,
      CVE-2005-2976)
    • Prevent an infinite loop in the xpm loader (#171901,
      CVE-2005-2976)
  • Wed Oct 19 2005 Matthias Clasen <mclasen@redhat.com> –
    1:0.22.0-18.fc4.1

    • Prevent an integer overflow in the xpm loader (#171073,
      CVE-2005-3186)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

7c780b05008f3e1999bf8abbb0bb7b7a
SRPMS/gdk-pixbuf-0.22.0-18.fc4.2.src.rpm
599efb60ec868f5242a4ca353c0b1ef6
ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc.rpm
1f18e28bf51ab6e7fb6bd064d91cbd17
ppc/gdk-pixbuf-devel-0.22.0-18.fc4.2.ppc.rpm
1905bece6ab5f5b4c49de5ff2a39e201
ppc/gdk-pixbuf-gnome-0.22.0-18.fc4.2.ppc.rpm
eefdf10dfdd1cd5ba10f81136e0c6662
ppc/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.ppc.rpm
4e478e20404e7167b5b6f30efcd80ed9
ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc64.rpm
7f2a934348fba04f2a8e9a210701406f
x86_64/gdk-pixbuf-0.22.0-18.fc4.2.x86_64.rpm
861b6a186287685c4383e91f1353b77a
x86_64/gdk-pixbuf-devel-0.22.0-18.fc4.2.x86_64.rpm
0e760f0a8385a1919962b9f684dabf1c
x86_64/gdk-pixbuf-gnome-0.22.0-18.fc4.2.x86_64.rpm
9ef3e8849f5706bc6dc71559af1b056d
x86_64/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.x86_64.rpm
212ce3ac8b0fe3f767048a2186cb3766
x86_64/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
212ce3ac8b0fe3f767048a2186cb3766
i386/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
7e0136afe88fd82d236a2e04ab76bc9a
i386/gdk-pixbuf-devel-0.22.0-18.fc4.2.i386.rpm
8128ef8c06fcf1dfb952c84912cab910
i386/gdk-pixbuf-gnome-0.22.0-18.fc4.2.i386.rpm
1fa0933b6e9c7d21fca40b96a162a623
i386/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.

Fedora Update Notification
FEDORA-2005-1086
2005-11-15

Product : Fedora Core 3
Name : gdk-pixbuf
Version : 0.22.0
Release : 16.fc3.3
Summary : An image loading library used with GNOME.

Description :
The gdk-pixbuf package contains an image loading library used with
the GNOME GUI desktop environment. The GdkPixBuf library provides
image loading facilities, the rendering of a GdkPixBuf into various
formats (drawables or GdkRGB buffers), and a cache interface.

Update Information:

The gdk-pixbuf package contains an image loading library used
with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes XPM images. An
attacker could create a carefully crafted XPM file in such a way
that it could cause an application linked with gdk-pixbuf to
execute arbitrary code when the file was opened by a victim. The
Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-3186 to this issue.

Ludwig Nussel discovered an integer overflow bug in the way
gdk-pixbuf processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause an
application linked with gdk-pixbuf to execute arbitrary code or
crash when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-2976 to this issue.

Ludwig Nussel also discovered an infinite-loop denial of service
bug in the way gdk-pixbuf processes XPM images. An attacker could
create a carefully crafted XPM file in such a way that it could
cause an application linked with gdk-pixbuf to stop responding when
the file was opened by a victim. The Common Vulnerabilities and
Exposures project has assigned the name CVE-2005-2975 to this
issue.

Users of gdk-pixbuf are advised to upgrade to these updated
packages, which contain backported patches and are not vulnerable
to these issues.

  • Mon Oct 31 2005 Matthias Clasen <mclasen@redhat.com> –
    1:0.22.0-16.fc3.3
  • Prevent another integer overflow in the xpm loader (#171901,
    CVE-2005-2976)
  • Prevent an infinite loop in the xpm loader (#171901,
    CVE-2005-2976)
  • Wed Oct 19 2005 Matthias Clasen <mclasen@redhat.com> –
    1:0.22.0-16.fc3.2
  • Prevent an integer overflow in the xpm loader (#171073,
    CVE-2005-3186)
  • Backport the noexecstack patch from FC-4

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

36ab9c1c4f1cd6e9b1797da558737ff7
SRPMS/gdk-pixbuf-0.22.0-16.fc3.3.src.rpm
d3246e0d9f3f4c34e0f927a1e236be25
x86_64/gdk-pixbuf-0.22.0-16.fc3.3.x86_64.rpm
9672ba672933f8b4a8f2970395afe517
x86_64/gdk-pixbuf-devel-0.22.0-16.fc3.3.x86_64.rpm
b6d4bb7e18c74776e64cb4336da1bf37
x86_64/gdk-pixbuf-gnome-0.22.0-16.fc3.3.x86_64.rpm
8932ddbd550b967b0fa527a1094ff007
x86_64/debug/gdk-pixbuf-debuginfo-0.22.0-16.fc3.3.x86_64.rpm
726dcbf604c857dd1a7e052cbd866d56
x86_64/gdk-pixbuf-0.22.0-16.fc3.3.i386.rpm
726dcbf604c857dd1a7e052cbd866d56
i386/gdk-pixbuf-0.22.0-16.fc3.3.i386.rpm
0b0866675e8a54cde5bd750fce59195f
i386/gdk-pixbuf-devel-0.22.0-16.fc3.3.i386.rpm
fe1596cf330e88c2f4c15155207ea30d
i386/gdk-pixbuf-gnome-0.22.0-16.fc3.3.i386.rpm
f3cf4719daf4ba9fbf6e558a45fb4c67
i386/debug/gdk-pixbuf-debuginfo-0.22.0-16.fc3.3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.

Fedora Update Notification
FEDORA-2005-1087
2005-11-15

Product : Fedora Core 3
Name : gtk2
Version : 2.4.14
Release : 4.fc3.3
Summary : The GIMP ToolKit (GTK+), a library for creating GUIs for
X.

Description :
GTK+ is a multi-platform toolkit for creating graphical user
interfaces. Offering a complete set of widgets, GTK+ is suitable
for projects ranging from small one-off tools to complete
application suites.

Update Information:

The gtk2 package contains the GIMP ToolKit (GTK+), a library for
creating graphical user interfaces for the X Window System.

A bug was found in the way gtk2 processes XPM images. An
attacker could create a carefully crafted XPM file in such a way
that it could cause an application linked with gtk2 to execute
arbitrary code when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-3186 to this issue.

Ludwig Nussel discovered an infinite-loop denial of service bug
in the way gtk2 processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause an
application linked with gtk2 to stop responding when the file was
opened by a victim. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-2975 to this issue.

Users of gtk2 are advised to upgrade to these updated packages,
which contain backported patches and are not vulnerable to these
issues.

  • Mon Oct 31 2005 Matthias Clasen <mclasen@redhat.com> –
    2.4.14-3.fc3.3

    • Prevent an infinite loop in the xpm loader (#171905,
      CVE-2005-2975)
  • Wed Oct 19 2005 Matthias Clasen <mclasen@redhat.com> –
    2.4.14-3.fc3.1

    • Prevent an integer overflow in the xpm loader (#171072,
      CAN-2005-3186)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

44f37d231bffc16d7e516a7798007bb1
SRPMS/gtk2-2.4.14-4.fc3.3.src.rpm
1f9f05dd279c8454591bbd315cb2e542
x86_64/gtk2-2.4.14-4.fc3.3.x86_64.rpm
3aa5941eb7d4f254f4947bd795d3918a
x86_64/gtk2-devel-2.4.14-4.fc3.3.x86_64.rpm
edf32a673b31f5de843243cd742c2bbf
x86_64/debug/gtk2-debuginfo-2.4.14-4.fc3.3.x86_64.rpm
5c55dcfe8e8854ecf26bc915c7dce15f
x86_64/gtk2-2.4.14-4.fc3.3.i386.rpm
5c55dcfe8e8854ecf26bc915c7dce15f
i386/gtk2-2.4.14-4.fc3.3.i386.rpm
bcdc3b7f967cd4783c453a0fbf6c8fc9
i386/gtk2-devel-2.4.14-4.fc3.3.i386.rpm
09a8d4d38180ca97fe905bc9c0f152bb
i386/debug/gtk2-debuginfo-2.4.14-4.fc3.3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.

Fedora Update Notification
FEDORA-2005-1088
2005-11-15

Product : Fedora Core 4
Name : gtk2
Version : 2.6.10
Release : 2.fc4.4
Summary : The GIMP ToolKit (GTK+), a library for creating GUIs for
X.

Description :
GTK+ is a multi-platform toolkit for creating graphical user
interfaces. Offering a complete set of widgets, GTK+ is suitable
for projects ranging from small one-off tools to complete
application suites.

Update Information:

The gtk2 package contains the GIMP ToolKit (GTK+), a library for
creating graphical user interfaces for the X Window System.

A bug was found in the way gtk2 processes XPM images. An
attacker could create a carefully crafted XPM file in such a way
that it could cause an application linked with gtk2 to execute
arbitrary code when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-3186 to this issue.

Ludwig Nussel discovered an infinite-loop denial of service bug
in the way gtk2 processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause an
application linked with gtk2 to stop responding when the file was
opened by a victim. The Common Vulnerabilities and Exposures
project has assigned the name CVE-2005-2975 to this issue.

Users of gtk2 are advised to upgrade to these updated packages,
which contain backported patches and are not vulnerable to these
issues.

  • Mon Oct 31 2005 Matthias Clasen <mclasen@redhat.com> –
    2.6.10-2.fc4.4

    • Prevent an infinite loop in the xpm loader (#171905,
      CVE-2005-2975)
  • Wed Oct 19 2005 Matthias Clasen <mclasen@redhat.com> –
    2.6.10-2.fc4.2

    • Prevent an integer overflow in the xpm loader (#171075,
      CAN-2005-3186)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

8b6c8d169a2077aec57fb1551e6b032d
SRPMS/gtk2-2.6.10-2.fc4.4.src.rpm
5a1ab1b673c5a2efbdd75e23ad206945
ppc/gtk2-2.6.10-2.fc4.4.ppc.rpm
7880fe183673db71572a166571e5a91d
ppc/gtk2-devel-2.6.10-2.fc4.4.ppc.rpm
52958efbd0796646ad0c1ca43a086009
ppc/debug/gtk2-debuginfo-2.6.10-2.fc4.4.ppc.rpm
ef8f41011dc23c3c1432ac81b6965632
ppc/gtk2-2.6.10-2.fc4.4.ppc64.rpm
b1e55459ebf53ad98c7c991c4a771539
x86_64/gtk2-2.6.10-2.fc4.4.x86_64.rpm
eb387f58aabad431bc6ac4e9c377c81f
x86_64/gtk2-devel-2.6.10-2.fc4.4.x86_64.rpm
ed1e986aaca3a7d6fe01efaa5227de1e
x86_64/debug/gtk2-debuginfo-2.6.10-2.fc4.4.x86_64.rpm
06c4edc69cd8cefc88e0745c9cbad651
x86_64/gtk2-2.6.10-2.fc4.4.i386.rpm
06c4edc69cd8cefc88e0745c9cbad651
i386/gtk2-2.6.10-2.fc4.4.i386.rpm
e9f0a994835b3666c1b85f38121e3251
i386/gtk2-devel-2.6.10-2.fc4.4.i386.rpm
d5ab5b36abd4882a3f0d6081179959d3
i386/debug/gtk2-debuginfo-2.6.10-2.fc4.4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.

Fedora Legacy

Fedora Legacy Update Advisory

Synopsis: Updated xchat package fixes security issue
Advisory ID: FLSA:123013
Issue date: 2005-11-14
Product: Fedora Core
Keywords: Bugfix
CVE Names: CVE-2004-0409

1. Topic:

An updated xchat package that fixes a security bug is now
available.

X-Chat is a graphical IRC chat client for the X Window
System.

2. Relevant releases/architectures:

Fedora Core 1 – i386
Fedora Core 2 – i386

3. Problem description:

A stack buffer overflow flaw was found in the X-Chat’s Socks-5
proxy code. An attacker could create a malicious Socks-5 proxy
server in such a way that X-Chat would execute arbitrary code if a
victim configured X-Chat to use the proxy. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2004-0409 to this issue.

Users of X-Chat should upgrade to this updated package which
contains a backported security patch and is not vulnerable to this
issue.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123013

6. RPMs required:

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/xchat-2.0.7-1.FC1.1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/xchat-2.0.7-1.FC1.1.legacy.i386.rpm

Fedora Core 2:

SRPM:

http://download.fedoralegacy.org/fedora/2/updates/SRPMS/xchat-2.0.7-5.1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/2/updates/i386/xchat-2.0.7-5.1.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

949871bada73a7e47b412e04b296fb8e661a6889
fedora/1/updates/i386/xchat-2.0.7-1.FC1.1.legacy.i386.rpm
e9defab76a100c3c066b85a9fa83ebcd1527ce71
fedora/1/updates/SRPMS/xchat-2.0.7-1.FC1.1.legacy.src.rpm
557e51ab8c91c4e824c132b4e58fc372ba6bf4c7
fedora/2/updates/i386/xchat-2.0.7-5.1.legacy.i386.rpm
4e856255dd724c8364556e792c162b1f0fbc29ea
fedora/2/updates/SRPMS/xchat-2.0.7-5.1.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0409

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Fedora Legacy Update Advisory

Synopsis: Updated rp-pppoe package fixes security issue
Advisory ID: FLSA:152794
Issue date: 2005-11-14
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CVE-2004-0564

1. Topic:

An updated rp-pppoe package that fixes a security vulnerability
is now available.

The rp-pppoe package is a PPP over Ethernet client (for xDSL
support).

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386

3. Problem description:

Max Vozeler discovered a vulnerability in pppoe, the PPP over
Ethernet driver from Roaring Penguin. When the program is running
setuid root (which is not the case in a default Red Hat Linux or
Fedora Core installation), an attacker could overwrite any file on
the file system. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CVE-2004-0564 to this issue.

All users of rp-pppoe should upgrade to this updated package,
which resolves this issue.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152794

6. RPMs required:

Red Hat Linux 7.3:
SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/rp-pppoe-3.3-10.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/rp-pppoe-3.3-10.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/rp-pppoe-3.5-2.2.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/rp-pppoe-3.5-2.2.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/rp-pppoe-3.5-8.2.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/rp-pppoe-3.5-8.2.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

3f7646466059606af82392573647db2757a07184
redhat/7.3/updates/i386/rp-pppoe-3.3-10.legacy.i386.rpm
0c9fdb6d3ad087cdedef83dc564ae1b21d8f5bab
redhat/7.3/updates/SRPMS/rp-pppoe-3.3-10.legacy.src.rpm
dda91513cd724e0175550465b19c8fab00876f9a
redhat/9/updates/i386/rp-pppoe-3.5-2.2.legacy.i386.rpm
a5806f7bbcb5cd62f33a9b36904d08548da976b8
redhat/9/updates/SRPMS/rp-pppoe-3.5-2.2.legacy.src.rpm
8f808a8239aeebf880c9b9b894531dd26db849a9
fedora/1/updates/i386/rp-pppoe-3.5-8.2.legacy.i386.rpm
ef55f4b9380d5551129f806ae76ba548bfb7bdb4
fedora/1/updates/SRPMS/rp-pppoe-3.5-8.2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0564

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Fedora Legacy Update Advisory

Synopsis: Updated bzip2 packages fix security issues
Advisory ID: FLSA:158801
Issue date: 2005-11-14
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CVE-2005-0758 CVE-2005-0953 CVE-2005-1260

1. Topic:

Updated bzip2 packages that fix multiple issues are now
available.

Bzip2 is a data compressor.

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386
Fedora Core 2 – i386

3. Problem description:

A bug was found in the way bzgrep processes file names. If a
user can be tricked into running bzgrep on a file with a carefully
crafted file name, arbitrary commands could be executed as the user
running bzgrep. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CVE-2005-0758 to this issue.

A bug was found in the way bzip2 modifies file permissions
during decompression. If an attacker has write access to the
directory into which bzip2 is decompressing files, it is possible
for them to modify permissions on files owned by the user running
bzip2 (CVE-2005-0953).

A bug was found in the way bzip2 decompresses files. It is
possible for an attacker to create a specially crafted bzip2 file
which will cause bzip2 to cause a denial of service (by filling
disk space) if decompressed by a victim (CVE-2005-1260).

Users of Bzip2 should upgrade to these updated packages, which
contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158801

6. RPMs required:

Red Hat Linux 7.3:
SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/bzip2-1.0.2-2.2.73.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/bzip2-1.0.2-2.2.73.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/bzip2-devel-1.0.2-2.2.73.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/bzip2-libs-1.0.2-2.2.73.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/bzip2-1.0.2-8.1.90.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/bzip2-1.0.2-8.1.90.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/bzip2-devel-1.0.2-8.1.90.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/bzip2-libs-1.0.2-8.1.90.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/bzip2-1.0.2-10.1.fc1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/bzip2-1.0.2-10.1.fc1.legacy.i386.rpm


http://download.fedoralegacy.org/fedora/1/updates/i386/bzip2-devel-1.0.2-10.1.fc1.legacy.i386.rpm


http://download.fedoralegacy.org/fedora/1/updates/i386/bzip2-libs-1.0.2-10.1.fc1.legacy.i386.rpm

Fedora Core 2:

SRPM:

http://download.fedoralegacy.org/fedora/2/updates/SRPMS/bzip2-1.0.2-12.2.fc2.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/2/updates/i386/bzip2-1.0.2-12.2.fc2.legacy.i386.rpm


http://download.fedoralegacy.org/fedora/2/updates/i386/bzip2-devel-1.0.2-12.2.fc2.legacy.i386.rpm


http://download.fedoralegacy.org/fedora/2/updates/i386/bzip2-libs-1.0.2-12.2.fc2.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

2d0d5267210ceefd6e2ed80187c2f6e3d994e4a0
redhat/7.3/updates/i386/bzip2-1.0.2-2.2.73.legacy.i386.rpm
e661f6bf518498c375918577fc3414978a190d78
redhat/7.3/updates/i386/bzip2-devel-1.0.2-2.2.73.legacy.i386.rpm

0c1bd4a4472ca70183b104438db1a9ef98db4969
redhat/7.3/updates/i386/bzip2-libs-1.0.2-2.2.73.legacy.i386.rpm
f146cb7edfa74345c42831f24cb95c7898db3064
redhat/7.3/updates/SRPMS/bzip2-1.0.2-2.2.73.legacy.src.rpm
36b3b8abb700fe93d14064ce22176ed59aef0b9b
redhat/9/updates/i386/bzip2-1.0.2-8.1.90.legacy.i386.rpm
3ce61caa59d4c9a90e2412ebd5bae76500e4e462
redhat/9/updates/i386/bzip2-devel-1.0.2-8.1.90.legacy.i386.rpm
905c29052192f032dac84be0860013837b65f8d4
redhat/9/updates/i386/bzip2-libs-1.0.2-8.1.90.legacy.i386.rpm
bdbf201ea36551c1f5eacff3707656fd5e099c75
redhat/9/updates/SRPMS/bzip2-1.0.2-8.1.90.legacy.src.rpm
56b7883ada43718a80577ddcbdbc8bc24072765d
fedora/1/updates/i386/bzip2-1.0.2-10.1.fc1.legacy.i386.rpm
472cee03d32c68e0a0feba56a265c42d208ea5d4
fedora/1/updates/i386/bzip2-devel-1.0.2-10.1.fc1.legacy.i386.rpm

94abc962a1b84373813c558d4d3d44993722bb16
fedora/1/updates/i386/bzip2-libs-1.0.2-10.1.fc1.legacy.i386.rpm
7ce97f2488338b9d0e4b136b63c04e80c7a27394
fedora/1/updates/SRPMS/bzip2-1.0.2-10.1.fc1.legacy.src.rpm
c2821d2326bdff302a8b38ab6baec2930da4ca6b
fedora/2/updates/i386/bzip2-1.0.2-12.2.fc2.legacy.i386.rpm
d1ba1f61d62970f0d97af8813956771b471fbc81
fedora/2/updates/i386/bzip2-devel-1.0.2-12.2.fc2.legacy.i386.rpm

c8cf989f3683f4313d4a0caf7695673f48e405e7
fedora/2/updates/i386/bzip2-libs-1.0.2-12.2.fc2.legacy.i386.rpm
1ac418e19c22613a3cc4d71ee304a9d304af50e6
fedora/2/updates/SRPMS/bzip2-1.0.2-12.2.fc2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0953

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1260

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Gentoo Linux

Gentoo Linux Security Advisory GLSA 200511-12

http://security.gentoo.org/

Severity: High
Title: Scorched 3D: Multiple vulnerabilities
Date: November 15, 2005
Bugs: #111421
ID: 200511-12

Synopsis

Multiple vulnerabilities in Scorched 3D allow a remote attacker
to deny service or execute arbitrary code on game servers.

Background

Scorched 3D is a clone of the classic “Scorched Earth” DOS game,
adding features like a 3D island environment and Internet
multiplayer capabilities.

Affected packages

     Package                    /  Vulnerable  /            Unaffected

  1  games-strategy/scorched3d       <= 39.1               Vulnerable!



     NOTE: Certain packages are still vulnerable. Users should migrate
           to another package if one is available or wait for the
           existing packages to be marked stable by their
           architecture maintainers.

Description

Luigi Auriemma discovered multiple flaws in the Scorched 3D game
server, including a format string vulnerability and several buffer
overflows.

Impact

A remote attacker can exploit these vulnerabilities to crash a
game server or execute arbitrary code with the rights of the game
server user. Users not running a Scorched 3D game server are not
affected by these flaws.

Workaround

There is no known workaround at this time.

Resolution

The Scorched 3D package has been hard-masked until a new version
correcting these flaws is released. In the meantime, current users
are advised to unmerge the package:

    # emerge --unmerge games-strategy/scorched3d

References

[ 1 ] Original advisory

http://seclists.org/lists/fulldisclosure/2005/Nov/0079.html

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200511-12.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Red Hat Linux

Red Hat Security Advisory

Synopsis: Important: gdk-pixbuf security update
Advisory ID: RHSA-2005:810-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-810.html

Issue date: 2005-11-15
Updated on: 2005-11-15
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-3186 CVE-2005-2976 CVE-2005-2975

1. Summary:

Updated gdk-pixbuf packages that fix several security issues are
now available.

This update has been rated as having important security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 –
i386, ia64
Red Hat Linux Advanced Workstation 2.1 – ia64
Red Hat Enterprise Linux ES version 2.1 – i386
Red Hat Enterprise Linux WS version 2.1 – i386
Red Hat Enterprise Linux AS version 3 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Desktop version 3 – i386, x86_64
Red Hat Enterprise Linux ES version 3 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 – i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 – i386, ia64, ppc, s390,
s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 – i386, x86_64
Red Hat Enterprise Linux ES version 4 – i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 – i386, ia64, x86_64

3. Problem description:

The gdk-pixbuf package contains an image loading library used
with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes XPM images. An
attacker could create a carefully crafted XPM file in such a way
that it could cause an application linked with gdk-pixbuf to
execute arbitrary code when the file was opened by a victim. The
Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-3186 to this issue.

Ludwig Nussel discovered an integer overflow bug in the way
gdk-pixbuf processes XPM images. An attacker could create a
carefully crafted XPM file in such a way that it could cause an
application linked with gdk-pixbuf to execute arbitrary code or
crash when the file was opened by a victim. The Common
Vulnerabilities and Exposures project has assigned the name
CVE-2005-2976 to this issue.

Ludwig Nussel also discovered an infinite-loop denial of service
bug in the way gdk-pixbuf processes XPM images. An attacker could
create a carefully crafted XPM file in such a way that it could
cause an application linked with gdk-pixbuf to stop responding when
the file was opened by a victim. The Common Vulnerabilities and
Exposures project has assigned the name CVE-2005-2975 to this
issue.

Users of gdk-pixbuf are advised to upgrade to these updated
packages, which contain backported patches and are not vulnerable
to these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat
Network, launch the Red Hat Update Agent with the following
command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

171071 – CVE-2005-3186 XPM buffer overflow 171900 –
CVE-2005-2975 Multiple XPM processing issues (CVE-2005-2976)

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:

ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.3.src.rpm

5bea8970a777c2e2197c343d64669f1a
gdk-pixbuf-0.22.0-12.el2.3.src.rpm

i386:
28ad503e6c7cf397277bf9d60b2b64b8
gdk-pixbuf-0.22.0-12.el2.3.i386.rpm
7d4d3f1c4492eb2aaded956ad8028e2e
gdk-pixbuf-devel-0.22.0-12.el2.3.i386.rpm
54833c2b7785977352d13fa3fe534c24
gdk-pixbuf-gnome-0.22.0-12.el2.3.i386.rpm

ia64:
cc7b986a3d8513a9d6b851b7d6650158
gdk-pixbuf-0.22.0-12.el2.3.ia64.rpm
3fe74f7116a28990f296154a45dfcdd7
gdk-pixbuf-devel-0.22.0-12.el2.3.ia64.rpm
401c82d6c91904940173f42618b696ee
gdk-pixbuf-gnome-0.22.0-12.el2.3.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:

ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.3.src.rpm

5bea8970a777c2e2197c343d64669f1a
gdk-pixbuf-0.22.0-12.el2.3.src.rpm

ia64:
cc7b986a3d8513a9d6b851b7d6650158
gdk-pixbuf-0.22.0-12.el2.3.ia64.rpm
3fe74f7116a28990f296154a45dfcdd7
gdk-pixbuf-devel-0.22.0-12.el2.3.ia64.rpm
401c82d6c91904940173f42618b696ee
gdk-pixbuf-gnome-0.22.0-12.el2.3.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:

ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.3.src.rpm

5bea8970a777c2e2197c343d64669f1a
gdk-pixbuf-0.22.0-12.el2.3.src.rpm

i386:
28ad503e6c7cf397277bf9d60b2b64b8
gdk-pixbuf-0.22.0-12.el2.3.i386.rpm
7d4d3f1c4492eb2aaded956ad8028e2e
gdk-pixbuf-devel-0.22.0-12.el2.3.i386.rpm
54833c2b7785977352d13fa3fe534c24
gdk-pixbuf-gnome-0.22.0-12.el2.3.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:

ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gdk-pixbuf-0.22.0-12.el2.3.src.rpm

5bea8970a777c2e2197c343d64669f1a
gdk-pixbuf-0.22.0-12.el2.3.src.rpm

i386:
28ad503e6c7cf397277bf9d60b2b64b8
gdk-pixbuf-0.22.0-12.el2.3.i386.rpm
7d4d3f1c4492eb2aaded956ad8028e2e
gdk-pixbuf-devel-0.22.0-12.el2.3.i386.rpm
54833c2b7785977352d13fa3fe534c24
gdk-pixbuf-gnome-0.22.0-12.el2.3.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:

ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gdk-pixbuf-0.22.0-13.el3.3.src.rpm

ebe0b3e9475a081fb1e440859b18aa41
gdk-pixbuf-0.22.0-13.el3.3.src.rpm

i386:
a0a20b4a1f1a026ed4c27eb4d6dcd2dd
gdk-pixbuf-0.22.0-13.el3.3.i386.rpm
b9a4428f150b1a2b254c28ec1ef3ad68
gdk-pixbuf-devel-0.22.0-13.el3.3.i386.rpm
233cf43c7684265346a2870106827dbb
gdk-pixbuf-gnome-0.22.0-13.el3.3.i386.rpm

ia64:
a0a20b4a1f1a026ed4c27eb4d6dcd2dd
gdk-pixbuf-0.22.0-13.el3.3.i386.rpm
833a671af2cd66a28ce7e2bf12eee13e
gdk-pixbuf-0.22.0-13.el3.3.ia64.rpm
315df07a3664142ad20253967e745b88
gdk-pixbuf-devel-0.22.0-13.el3.3.ia64.rpm
470d6728d82db236cdd4ca49fe39e290
gdk-pixbuf-gnome-0.22.0-13.el3.3.ia64.rpm

ppc:
a18a4ce7200859ec784b24715c91b7b0
gdk-pixbuf-0.22.0-13.el3.3.ppc.rpm
aeeeb699b739c135e0e5c8413a171ead
gdk-pixbuf-0.22.0-13.el3.3.ppc64.rpm
c6b914ee5245697f917438fe5cb72247
gdk-pixbuf-devel-0.22.0-13.el3.3.ppc.rpm
418d51ffeb3c3b60ab3683a6b23d6b26
gdk-pixbuf-gnome-0.22.0-13.el3.3.ppc.rpm

s390:
1ee53f56d6e7a53e1b765dd67d6f21fb
gdk-pixbuf-0.22.0-13.el3.3.s390.rpm
e5913217d5e52b6bcdfcc

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.