Lucene search
DebianDEBIAN:DSA-548-1:07899HistorySep 16, 2004 - 12:48 p.m.
[SECURITY] [DSA 548-1] New imlib packages fix arbitrary code execution
2004-09-1612:48:02
lists.debian.org
6
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Debian Security Advisory DSA 548-1 [email protected]
http://www.debian.org/security/ Martin Schulze
September 16th, 2004 http://www.debian.org/security/faq
Package : imlib
Vulnerability : unsanitised input
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0817
Marcus Meissner discovered a heap overflow error in imlib, an imaging
library for X and X11, that could be abused by an attacker to execute
arbitrary code on the vicims machine.
For the stable distribution (woody) this problem has been fixed in
version 1.9.14-2wody1.
For the unstable distribution (sid) this problem has been fixed in
version 1.9.14-17 of imlib and in version 1.9.14-16 of imlib+png2.
We recommend that you upgrade your imlib1 packages.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14-2wody1.dsc
Size/MD5 checksum: 803 6472ca2afec2286f184350d849bf9a5d
http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14-2wody1.diff.gz
Size/MD5 checksum: 269552 31472b9a33f689d518c237fa7d742961
http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14.orig.tar.gz
Size/MD5 checksum: 748591 1fa54011e4e1db532d7eadae3ced6a8c
Architecture independent components:
http://security.debian.org/pool/updates/main/i/imlib/imlib-base_1.9.14-2wody1_all.deb
Size/MD5 checksum: 114576 15b012593229931c4bbc29040d2fdae5
Alpha architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_alpha.deb
Size/MD5 checksum: 119104 4e64b397ae2e9a839600fc8f19fdd1df
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_alpha.deb
Size/MD5 checksum: 96582 a0f07e9f4ded557eb3fabc0914ea6625
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_alpha.deb
Size/MD5 checksum: 116752 d036103895155f0267a26283631978d5
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_alpha.deb
Size/MD5 checksum: 262078 5e49dc13a1a4d61f74222dc1ae1bcb57
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_alpha.deb
Size/MD5 checksum: 96668 b4cff88f951f6682358f6f393691a5bd
ARM architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_arm.deb
Size/MD5 checksum: 93592 9c928508c6366fa367cddaecf4d2e99d
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_arm.deb
Size/MD5 checksum: 75032 4f90fccb7d8bc12b188d62da43f8f712
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_arm.deb
Size/MD5 checksum: 93634 1c44359a8043ecd94dbcd7a4349fac6a
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_arm.deb
Size/MD5 checksum: 258134 5f10db2bcb55a1ef8de534bdd0be730a
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_arm.deb
Size/MD5 checksum: 75924 87ff486de47e594a996992a8721c9542
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_i386.deb
Size/MD5 checksum: 77454 2b01b6df4f0859f6975932d2c3889fef
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_i386.deb
Size/MD5 checksum: 68730 afaadff6f4e14d885a663bd47c68c97a
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_i386.deb
Size/MD5 checksum: 76038 3b541785c7423bbb1c08b7ab4195f25d
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_i386.deb
Size/MD5 checksum: 258222 89e8b55aac576760bb7dbd2fbce97ef4
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_i386.deb
Size/MD5 checksum: 69332 1a2f9af32e10060af9712309565de823
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_ia64.deb
Size/MD5 checksum: 128272 be9e12e56078ad9426c018fd589a386c
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_ia64.deb
Size/MD5 checksum: 115640 2894139657c170641f026a5f51be8ae4
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_ia64.deb
Size/MD5 checksum: 128662 a0d502bd1cb1147ec2806739dab6ffd9
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_ia64.deb
Size/MD5 checksum: 266378 5febdea31eb17b29854233fbfb307869
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_ia64.deb
Size/MD5 checksum: 118478 b53e063c50cbee0082fd3f34e6495a07
HP Precision architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_hppa.deb
Size/MD5 checksum: 104722 cd83de0a77ec1a2e9ad2b89661f7ce95
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_hppa.deb
Size/MD5 checksum: 91568 e7ea261ab12d3026c655b88816b03fb1
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_hppa.deb
Size/MD5 checksum: 103092 787e38c5c6804290826fb24d39942471
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_hppa.deb
Size/MD5 checksum: 260886 6b7d99f18c2c4e531268d0685cec7815
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_hppa.deb
Size/MD5 checksum: 91038 c8ca84e673418e3c0be7fd6f983b72a5
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_m68k.deb
Size/MD5 checksum: 71648 46ee28536a1eca2cde30c8956aced176
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_m68k.deb
Size/MD5 checksum: 63886 c27cb2052b30443ccbd8aaa1ee70752c
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_m68k.deb
Size/MD5 checksum: 69480 62a8fdc6b8eefdf233073d27ff143159
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_m68k.deb
Size/MD5 checksum: 257254 2062e2c1e836765fa547540c25217dc0
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_m68k.deb
Size/MD5 checksum: 64098 bb634b1f3812b538a158fcb5ffb2037a
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_mips.deb
Size/MD5 checksum: 95334 6df97ffb427a10ea4ad53b9031725fca
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_mips.deb
Size/MD5 checksum: 75042 dc6945a5f284fe9df84f73aef5c5fd98
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_mips.deb
Size/MD5 checksum: 92272 77d49cb7e43d26ff1c760f509b68a692
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_mips.deb
Size/MD5 checksum: 257824 03abbd17269e50822da7d9ff8962500d
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_mips.deb
Size/MD5 checksum: 75606 6173739a1120d7388a77727ee28a1c50
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_mipsel.deb
Size/MD5 checksum: 95350 af89cfadec5bbb4e48f9ae0bb6c59b03
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_mipsel.deb
Size/MD5 checksum: 75088 340cedde5a835f610164753e64d8a36d
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_mipsel.deb
Size/MD5 checksum: 92286 48df55c16c2760bd82d5dfbd051d1104
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_mipsel.deb
Size/MD5 checksum: 257692 f9b42b3f6d6ba9e4bdc48df5fe5c2d22
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_mipsel.deb
Size/MD5 checksum: 75520 2c8d731adcee92a92307fd11861fdaae
PowerPC architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_powerpc.deb
Size/MD5 checksum: 93706 6cc8b8753c18f11793805faeeb25aded
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_powerpc.deb
Size/MD5 checksum: 76440 50d611afb959762e4b975bdf181dabe4
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_powerpc.deb
Size/MD5 checksum: 89862 cbf553ff94b438dccea73bd68cb64f8f
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_powerpc.deb
Size/MD5 checksum: 258394 2cbbcc991c068aa94adff360210dfc41
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_powerpc.deb
Size/MD5 checksum: 75050 8e123dbbfc8e0ad2ec3acf21619f4658
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_s390.deb
Size/MD5 checksum: 82924 5fff2f003dcd49d4786f09210b76df35
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_s390.deb
Size/MD5 checksum: 77602 270ce2d438f02793c50f3f27dc26c872
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_s390.deb
Size/MD5 checksum: 83804 6413991452e5bee44855606146c3402d
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_s390.deb
Size/MD5 checksum: 258558 0f331b840d6f82164f4869ee4d9847d7
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_s390.deb
Size/MD5 checksum: 78164 521720c8c47a87ef9c768108ec9bffed
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_sparc.deb
Size/MD5 checksum: 88346 7e8d46b4b7af331e92dc8bc40e1af3f1
http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_sparc.deb
Size/MD5 checksum: 76190 14d67fc9827d7eae2533c4ff3ad048b3
http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_sparc.deb
Size/MD5 checksum: 85312 5c8b26804737b09678f60ef9ea4048ba
http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_sparc.deb
Size/MD5 checksum: 258638 c2577ef0cc83d0934778c2eec3d106e3
http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_sparc.deb
Size/MD5 checksum: 76356 f500ce8f5cf4f16de487c1677970eccb
These files will probably be moved into the stable distribution on
its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 3 | mips | imlib-progs | < 1.9.14-2woody3 | imlib-progs_1.9.14-2woody3_mips.deb |
| Debian | 3.1 | all | imlib | < 1.9.14-16.2 | imlib_1.9.14-16.2_all.deb |
| Debian | 3 | s390 | imlib-dev | < 1.9.14-2woody3 | imlib-dev_1.9.14-2woody3_s390.deb |
| Debian | 3 | mips | gdk-imlib-dev | < 1.9.14-2woody3 | gdk-imlib-dev_1.9.14-2woody3_mips.deb |
| Debian | 3 | alpha | imlib1 | < 1.9.14-2woody3 | imlib1_1.9.14-2woody3_alpha.deb |
| Debian | 3 | alpha | imlib-dev | < 1.9.14-2woody3 | imlib-dev_1.9.14-2woody3_alpha.deb |
| Debian | 3 | ia64 | imlib-dev | < 1.9.14-2woody3 | imlib-dev_1.9.14-2woody3_ia64.deb |
| Debian | 3 | sparc | gdk-imlib1 | < 1.9.14-2woody3 | gdk-imlib1_1.9.14-2woody3_sparc.deb |
| Debian | 3 | arm | imlib1 | < 1.9.14-2woody3 | imlib1_1.9.14-2woody3_arm.deb |
| Debian | 3 | arm | imlib-dev | < 1.9.14-2woody3 | imlib-dev_1.9.14-2woody3_arm.deb |
Related
openvas
openvas
SLES9: Security update for imlib
2009-10-10 00:00:00
Debian Security Advisory DSA 548-2 (imlib)
2008-01-17 00:00:00
Debian Security Advisory DSA 548-1 (imlib)
2008-01-17 00:00:00
nessus
nessus
Fedora Core 1 : imlib-1.9.13-15.fc1 (2004-300)
2004-09-09 00:00:00
FreeBSD : imlib -- BMP decoder heap buffer overflow (00644f03-fb58-11d8-9837-000c41e2cdad)
2009-04-23 00:00:00
FreeBSD : imlib -- BMP decoder heap buffer overflow (75)
2004-08-31 00:00:00
debian
debian
[SECURITY] [DSA 548-2] New imlib packages fix arbitrary code execution
2005-10-26 04:38:33
[SECURITY] [DSA 548-2] New imlib packages fix arbitrary code execution
2005-10-26 04:38:33
[SECURITY] [DSA 548-1] New imlib packages fix arbitrary code execution
2004-09-16 12:48:02
ubuntucve
ubuntucve
CVE-2004-0817
2004-12-31 00:00:00
cve
cve
CVE-2004-0817
2004-12-31 05:00:00
CVE-2004-0802
2004-12-31 05:00:00
freebsd
freebsd
imlib -- BMP decoder heap buffer overflow
2004-08-25 00:00:00
redhat
redhat
(RHSA-2004:465) imlib security update
2004-09-15 00:00:00
securityvulns
securityvulns
gentoo
gentoo
ImageMagick, imlib, imlib2: BMP decoding buffer overflows
2004-09-08 00:00:00
debiancve
debiancve
CVE-2004-0802
2004-12-31 05:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for DEBIAN:DSA-548-1:07899