[gentoo-announce] [ GLSA 200409-28 ] GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200409-28 ] GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
Date:	Tue, 21 Sep 2004 20:52:54
Message-Id:	`41509458.9030300@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200409-28

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: Normal

11

     Title: GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities

12

      Date: September 21, 2004

13

      Bugs: #64230

14

        ID: 200409-28

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

The GdkPixbuf library, which is also included in GTK+ 2, contains

22

several vulnerabilities that could lead to a Denial of Service or the

23

execution of arbitrary code.

24

25

Background

26

==========

27

28

GTK+ (GIMP Toolkit +) is a toolkit for creating graphical user

29

interfaces. The GdkPixbuf library provides facilities for image

30

handling. It is available as a standalone library as well as shipped

31

with GTK+ 2.

32

33

Affected packages

34

=================

35

36

    -------------------------------------------------------------------

37

     Package                /   Vulnerable   /              Unaffected

38

    -------------------------------------------------------------------

39

  1  x11-libs/gtk+              < 2.4.9-r1                 >= 2.4.9-r1

40

                                                               < 2.0.0

41

  2  media-libs/gdk-pixbuf      < 0.22.0-r3               >= 0.22.0-r3

42

    -------------------------------------------------------------------

43

     2 affected packages on all of their supported architectures.

44

    -------------------------------------------------------------------

45

46

Description

47

===========

48

49

A vulnerability has been discovered in the BMP image preprocessor

50

(CAN-2004-0753). Furthermore, Chris Evans found a possible integer

51

overflow in the pixbuf_create_from_xpm() function, resulting in a heap

52

overflow (CAN-2004-0782). He also found a potential stack-based buffer

53

overflow in the xpm_extract_color() function (CAN-2004-0783). A

54

possible integer overflow has also been found in the ICO decoder.

55

56

Impact

57

======

58

59

With a specially crafted BMP image an attacker could cause an affected

60

application to enter an infinite loop when that image is being

61

processed. Also, by making use of specially crafted XPM or ICO images

62

an attacker could trigger the overflows, which potentially allows the

63

execution of arbitrary code.

64

65

Workaround

66

==========

67

68

There is no known workaround at this time.

69

70

Resolution

71

==========

72

73

All GTK+ 2 users should upgrade to the latest version:

74

75

    # emerge sync

76

77

    # emerge -pv ">=x11-libs/gtk+-2.4.9-r1"

78

    # emerge ">=x11-libs/gtk+-2.4.9-r1"

79

80

All GdkPixbuf users should upgrade to the latest version:

81

82

    # emerge sync

83

84

    # emerge -pv ">=media-libs/gdk-pixbuf-0.22.0-r3"

85

    # emerge ">=media-libs/gdk-pixbuf-0.22.0-r3"

86

87

References

88

==========

89

90

  [ 1 ] CAN-2004-0753

91

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753

92

  [ 2 ] CAN-2004-0782

93

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782

94

  [ 3 ] CAN-2004-0783

95

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783

96

  [ 4 ] CAN-2004-0788

97

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788

98

  [ 5 ] GNOME Bug 150601

99

        http://bugzilla.gnome.org/show_bug.cgi?id=150601

100

101

Availability

102

============

103

104

This GLSA and any updates to it are available for viewing at

105

the Gentoo Security Website:

106

107

  http://security.gentoo.org/glsa/glsa-200409-28.xml

108

109

Concerns?

110

=========

111

112

Security is a primary focus of Gentoo Linux and ensuring the

113

confidentiality and security of our users machines is of utmost

114

importance to us. Any security concerns should be addressed to

115

security@g.o or alternatively, you may file a bug at

116

http://bugs.gentoo.org.

117

118

License

119

=======

120

121

Copyright 2004 Gentoo Foundation, Inc; referenced text

122

belongs to its owner(s).

123

124

The contents of this document are licensed under the

125

Creative Commons - Attribution / Share Alike license.

126

127

http://creativecommons.org/licenses/by-sa/1.0

128

129

-----BEGIN PGP SIGNATURE-----

130

Version: GnuPG v1.2.4 (GNU/Linux)

131

Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

132

133

iD8DBQFBUJRYvcL1obalX08RAgzmAKCQVANOb5xzqSuAkRvk37qnaiDW8wCfdl0i

134

XiGYgw/NB9bYGng5/0foFT0=

135

=eRg1

136

-----END PGP SIGNATURE-----

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200409-28
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: Normal
11	Title: GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
12	Date: September 21, 2004
13	Bugs: #64230
14	ID: 200409-28
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	The GdkPixbuf library, which is also included in GTK+ 2, contains
22	several vulnerabilities that could lead to a Denial of Service or the
23	execution of arbitrary code.
24
25	Background
26	==========
27
28	GTK+ (GIMP Toolkit +) is a toolkit for creating graphical user
29	interfaces. The GdkPixbuf library provides facilities for image
30	handling. It is available as a standalone library as well as shipped
31	with GTK+ 2.
32
33	Affected packages
34	=================
35
36	-------------------------------------------------------------------
37	Package / Vulnerable / Unaffected
38	-------------------------------------------------------------------
39	1 x11-libs/gtk+ < 2.4.9-r1 >= 2.4.9-r1
40	< 2.0.0
41	2 media-libs/gdk-pixbuf < 0.22.0-r3 >= 0.22.0-r3
42	-------------------------------------------------------------------
43	2 affected packages on all of their supported architectures.
44	-------------------------------------------------------------------
45
46	Description
47	===========
48
49	A vulnerability has been discovered in the BMP image preprocessor
50	(CAN-2004-0753). Furthermore, Chris Evans found a possible integer
51	overflow in the pixbuf_create_from_xpm() function, resulting in a heap
52	overflow (CAN-2004-0782). He also found a potential stack-based buffer
53	overflow in the xpm_extract_color() function (CAN-2004-0783). A
54	possible integer overflow has also been found in the ICO decoder.
55
56	Impact
57	======
58
59	With a specially crafted BMP image an attacker could cause an affected
60	application to enter an infinite loop when that image is being
61	processed. Also, by making use of specially crafted XPM or ICO images
62	an attacker could trigger the overflows, which potentially allows the
63	execution of arbitrary code.
64
65	Workaround
66	==========
67
68	There is no known workaround at this time.
69
70	Resolution
71	==========
72
73	All GTK+ 2 users should upgrade to the latest version:
74
75	# emerge sync
76
77	# emerge -pv ">=x11-libs/gtk+-2.4.9-r1"
78	# emerge ">=x11-libs/gtk+-2.4.9-r1"
79
80	All GdkPixbuf users should upgrade to the latest version:
81
82	# emerge sync
83
84	# emerge -pv ">=media-libs/gdk-pixbuf-0.22.0-r3"
85	# emerge ">=media-libs/gdk-pixbuf-0.22.0-r3"
86
87	References
88	==========
89
90	[ 1 ] CAN-2004-0753
91	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
92	[ 2 ] CAN-2004-0782
93	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
94	[ 3 ] CAN-2004-0783
95	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
96	[ 4 ] CAN-2004-0788
97	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788
98	[ 5 ] GNOME Bug 150601
99	http://bugzilla.gnome.org/show_bug.cgi?id=150601
100
101	Availability
102	============
103
104	This GLSA and any updates to it are available for viewing at
105	the Gentoo Security Website:
106
107	http://security.gentoo.org/glsa/glsa-200409-28.xml
108
109	Concerns?
110	=========
111
112	Security is a primary focus of Gentoo Linux and ensuring the
113	confidentiality and security of our users machines is of utmost
114	importance to us. Any security concerns should be addressed to
115	security@g.o or alternatively, you may file a bug at
116	http://bugs.gentoo.org.
117
118	License
119	=======
120
121	Copyright 2004 Gentoo Foundation, Inc; referenced text
122	belongs to its owner(s).
123
124	The contents of this document are licensed under the
125	Creative Commons - Attribution / Share Alike license.
126
127	http://creativecommons.org/licenses/by-sa/1.0
128
129	-----BEGIN PGP SIGNATURE-----
130	Version: GnuPG v1.2.4 (GNU/Linux)
131	Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
132
133	iD8DBQFBUJRYvcL1obalX08RAgzmAKCQVANOb5xzqSuAkRvk37qnaiDW8wCfdl0i
134	XiGYgw/NB9bYGng5/0foFT0=
135	=eRg1
136	-----END PGP SIGNATURE-----

Gentoo Archives: gentoo-announce