The imlib packages contain an image loading and rendering library.
Pavel Kankovsky discovered several heap overflow flaws that were found in
the imlib image handler. An attacker could create a carefully crafted image
file in such a way that it could cause an application linked with imlib to
execute arbitrary code when the file was opened by a victim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-1025 to this issue.
Additionally, Pavel discovered several integer overflow flaws that were
found in the imlib image handler. An attacker could create a carefully
crafted image file in such a way that it could cause an application linked
with imlib to execute arbitrary code or crash when the file was opened by a
victim. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-1026 to this issue.
Users of imlib should update to these updated packages, which contain
backported patches and are not vulnerable to this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | imlib-devel | < 1.9.13-13.4 | imlib-devel-1.9.13-13.4.s390x.rpm |
RedHat | any | ia64 | imlib-cfgeditor | < 1.9.13-4.3 | imlib-cfgeditor-1.9.13-4.3.ia64.rpm |
RedHat | any | x86_64 | imlib | < 1.9.13-13.4 | imlib-1.9.13-13.4.x86_64.rpm |
RedHat | any | s390x | imlib | < 1.9.13-13.4 | imlib-1.9.13-13.4.s390x.rpm |
RedHat | any | s390 | imlib-devel | < 1.9.13-13.4 | imlib-devel-1.9.13-13.4.s390.rpm |
RedHat | any | i386 | imlib | < 1.9.13-13.4 | imlib-1.9.13-13.4.i386.rpm |
RedHat | any | s390 | imlib | < 1.9.13-13.4 | imlib-1.9.13-13.4.s390.rpm |
RedHat | any | ppc | imlib-devel | < 1.9.13-13.4 | imlib-devel-1.9.13-13.4.ppc.rpm |
RedHat | any | i386 | imlib-devel | < 1.9.13-13.4 | imlib-devel-1.9.13-13.4.i386.rpm |
RedHat | any | ia64 | imlib | < 1.9.13-13.4 | imlib-1.9.13-13.4.ia64.rpm |