[gentoo-announce] [ GLSA 200510-26 ] XLI, Xloadimage: Buffer overflow - gentoo-announce

From:	Sune Kloppenborg Jeppesen <jaervosz@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200510-26 ] XLI, Xloadimage: Buffer overflow
Date:	Sun, 30 Oct 2005 18:10:16
Message-Id:	`200510301844.17475.jaervosz@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200510-26

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: XLI, Xloadimage: Buffer overflow

9

      Date: October 30, 2005

10

      Bugs: #108365

11

        ID: 200510-26

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

XLI and Xloadimage contain a vulnerability which could potentially

19

result in the execution of arbitrary code.

20

21

Background

22

==========

23

24

XLI and Xloadimage are X11 image manipulation utilities.

25

26

Affected packages

27

=================

28

29

    -------------------------------------------------------------------

30

     Package               /   Vulnerable   /               Unaffected

31

    -------------------------------------------------------------------

32

  1  media-gfx/xli             < 1.17.0-r2                >= 1.17.0-r2

33

  2  media-gfx/xloadimage       < 4.1-r4                     >= 4.1-r4

34

    -------------------------------------------------------------------

35

     2 affected packages on all of their supported architectures.

36

    -------------------------------------------------------------------

37

38

Description

39

===========

40

41

When XLI or Xloadimage process an image, they create a new image object

42

to contain the new image, copying the title from the old image to the

43

newly created image. Ariel Berkman reported that the 'zoom', 'reduce',

44

and 'rotate' functions use a fixed length buffer to contain the new

45

title, which could be overwritten by the NIFF or XPM image processors.

46

47

Impact

48

======

49

50

A malicious user could craft a malicious XPM or NIFF file and entice a

51

user to view it using XLI, or manipulate it using Xloadimage,

52

potentially resulting in the execution of arbitrary code with the

53

permissions of the user running XLI or Xloadimage.

54

55

Workaround

56

==========

57

58

There is no known workaround at this time.

59

60

Resolution

61

==========

62

63

All XLI users should upgrade to the latest version:

64

65

    # emerge --sync

66

    # emerge --ask --oneshot --verbose ">=media-gfx/xli-1.17.0-r2"

67

68

All Xloadimage users should upgrade to the latest version:

69

70

    # emerge --sync

71

    # emerge --ask --oneshot --verbose ">=media-gfx/xloadimage-4.1-r4"

72

73

References

74

==========

75

76

  [ 1 ] CAN-2005-3178

77

        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3178

78

79

Availability

80

============

81

82

This GLSA and any updates to it are available for viewing at

83

the Gentoo Security Website:

84

85

  http://security.gentoo.org/glsa/glsa-200510-26.xml

86

87

Concerns?

88

=========

89

90

Security is a primary focus of Gentoo Linux and ensuring the

91

confidentiality and security of our users machines is of utmost

92

importance to us. Any security concerns should be addressed to

93

security@g.o or alternatively, you may file a bug at

94

http://bugs.gentoo.org.

95

96

License

97

=======

98

99

Copyright 2005 Gentoo Foundation, Inc; referenced text

100

belongs to its owner(s).

101

102

The contents of this document are licensed under the

103

Creative Commons - Attribution / Share Alike license.

104

105

http://creativecommons.org/licenses/by-sa/2.0

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200510-26
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: XLI, Xloadimage: Buffer overflow
9	Date: October 30, 2005
10	Bugs: #108365
11	ID: 200510-26
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	XLI and Xloadimage contain a vulnerability which could potentially
19	result in the execution of arbitrary code.
20
21	Background
22	==========
23
24	XLI and Xloadimage are X11 image manipulation utilities.
25
26	Affected packages
27	=================
28
29	-------------------------------------------------------------------
30	Package / Vulnerable / Unaffected
31	-------------------------------------------------------------------
32	1 media-gfx/xli < 1.17.0-r2 >= 1.17.0-r2
33	2 media-gfx/xloadimage < 4.1-r4 >= 4.1-r4
34	-------------------------------------------------------------------
35	2 affected packages on all of their supported architectures.
36	-------------------------------------------------------------------
37
38	Description
39	===========
40
41	When XLI or Xloadimage process an image, they create a new image object
42	to contain the new image, copying the title from the old image to the
43	newly created image. Ariel Berkman reported that the 'zoom', 'reduce',
44	and 'rotate' functions use a fixed length buffer to contain the new
45	title, which could be overwritten by the NIFF or XPM image processors.
46
47	Impact
48	======
49
50	A malicious user could craft a malicious XPM or NIFF file and entice a
51	user to view it using XLI, or manipulate it using Xloadimage,
52	potentially resulting in the execution of arbitrary code with the
53	permissions of the user running XLI or Xloadimage.
54
55	Workaround
56	==========
57
58	There is no known workaround at this time.
59
60	Resolution
61	==========
62
63	All XLI users should upgrade to the latest version:
64
65	# emerge --sync
66	# emerge --ask --oneshot --verbose ">=media-gfx/xli-1.17.0-r2"
67
68	All Xloadimage users should upgrade to the latest version:
69
70	# emerge --sync
71	# emerge --ask --oneshot --verbose ">=media-gfx/xloadimage-4.1-r4"
72
73	References
74	==========
75
76	[ 1 ] CAN-2005-3178
77	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3178
78
79	Availability
80	============
81
82	This GLSA and any updates to it are available for viewing at
83	the Gentoo Security Website:
84
85	http://security.gentoo.org/glsa/glsa-200510-26.xml
86
87	Concerns?
88	=========
89
90	Security is a primary focus of Gentoo Linux and ensuring the
91	confidentiality and security of our users machines is of utmost
92	importance to us. Any security concerns should be addressed to
93	security@g.o or alternatively, you may file a bug at
94	http://bugs.gentoo.org.
95
96	License
97	=======
98
99	Copyright 2005 Gentoo Foundation, Inc; referenced text
100	belongs to its owner(s).
101
102	The contents of this document are licensed under the
103	Creative Commons - Attribution / Share Alike license.
104
105	http://creativecommons.org/licenses/by-sa/2.0

Gentoo Archives: gentoo-announce