Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 64230 - x11-libs/gtk+-2*, media-libs/gdk-pixbuf: Multiple Image Decoding Vulnerabilities
Summary: x11-libs/gtk+-2*, media-libs/gdk-pixbuf: Multiple Image Decoding Vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High major (vote)
Assignee: Gentoo Security
URL: http://bugzilla.gnome.org/show_bug.cg...
Whiteboard: A2 [glsa] jaervosz
Keywords:
: 64233 (view as bug list)
Depends on:
Blocks: 64135
  Show dependency tree
 
Reported: 2004-09-16 03:06 UTC by Matthias Geerdsen (RETIRED)
Modified: 2011-10-30 22:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
gdk-pixbuf-0.22.0-CAN-2004-0753.patch (gdk-pixbuf-0.22.0-CAN-2004-0753.patch,557 bytes, patch)
2004-09-16 09:17 UTC, Sune Kloppenborg Jeppesen
no flags Details | Diff
gdk-pixbuf-0.22.0-rh-alt-bound.patch (gdk-pixbuf-0.22.0-rh-alt-bound.patch,2.06 KB, patch)
2004-09-16 09:18 UTC, Sune Kloppenborg Jeppesen
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Geerdsen (RETIRED) gentoo-dev 2004-09-16 03:06:34 UTC
http://secunia.com/advisories/12542/ :

Description:
Multiple vulnerabilities have been reported in GdkPixBuf, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

1) A variant of a recently disclosed vulnerability in Qt exists within the BMP image processing functionality. This can be exploited to make an affected application enter an infinite loop when a specially crafted BMP image is processed.

2) An input validation error within the "pixbuf_create_from_xpm()" function when decoding XPM images can be exploited to cause an integer overflow when a specially crafted XPM image is processed.

Successful exploitation may in turn result in a heap-based buffer overflow, which potentially allows execution of arbitrary code.

3) A boundary error within the "xpm_extract_color()" function when decoding XPM images can be exploited to cause a stack-based buffer overflow when a specially crafted XPM image is processed.

Successful exploitation may allow execution of arbitrary code.

4) An input validation error within the ICO image decoding functionality can be exploited to cause an integer overflow when a specially crafted ICO image is processed.

Successful exploitation causes an affected application to crash.

Solution:
Secunia is currently not aware of an official updated version, which addresses the vulnerabilities.

However, updates have been issued by various Linux vendors.

Provided and/or discovered by:
2-4) Chris Evans

Original Advisory:
Chris Evans:
http://scary.beasts.org/security/CESA-2004-005.txt

GNOME Bugzilla:
http://bugzilla.gnome.org/show_bug.cgi?id=150601
Comment 1 Marc Ballarin 2004-09-16 03:18:11 UTC
Note that this also affects the version of gdk-pixbuf in x11-libs/gtk+-2.4.4.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2004-09-16 03:33:13 UTC
*** Bug 64233 has been marked as a duplicate of this bug. ***
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2004-09-16 03:38:30 UTC
Same vulnerability, two packages affected :

x11-libs/gtk+
media-libs/gdk-pixbuf

CAN-2004-0753
CAN-2004-0782
CAN-2004-0783
CAN-2004-0788
Comment 4 Sune Kloppenborg Jeppesen gentoo-dev 2004-09-16 09:17:23 UTC
Created attachment 39701 [details, diff]
gdk-pixbuf-0.22.0-CAN-2004-0753.patch

Mandrake gdk-pixbuf-0.22.0-CAN-2004-0753.patch
Comment 5 Sune Kloppenborg Jeppesen gentoo-dev 2004-09-16 09:18:08 UTC
Created attachment 39702 [details, diff]
gdk-pixbuf-0.22.0-rh-alt-bound.patch

Mandrake gdk-pixbuf-0.22.0-rh-alt-bound.patch
Comment 6 Sune Kloppenborg Jeppesen gentoo-dev 2004-09-16 09:45:20 UTC
For good reason I'm not on the gnome team.

RH SRPMs can be found here:

ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/

Mandrake SRPMs here:

ftp://spirit.profinet.sk/mirrors/Mandrake/updates/10.0/SRPMS
Comment 7 Thierry Carrez (RETIRED) gentoo-dev 2004-09-18 01:43:14 UTC
Updated Mandrake advisory :
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:095-1

"The previous package had an incorrect patch applied that would cause some problems with other programs. The updated packages have the correct patch applied.
As well, patched gtk+2 packages, which also contain gdk-pixbuf, are now provided."
Comment 8 foser (RETIRED) gentoo-dev 2004-09-19 16:08:41 UTC
Added gtk+-2.4.9-r1 & gdk-pixbuf-0.22.0-r3 with patches for these issues. Marked both stable on x86.
Comment 9 SpanKY gentoo-dev 2004-09-19 18:08:34 UTC
amd64 stable
Comment 10 Jochen Maes (RETIRED) gentoo-dev 2004-09-20 04:00:56 UTC
stable on ppc
Comment 11 Gustavo Zacarias (RETIRED) gentoo-dev 2004-09-20 06:52:14 UTC
Sparc stable.
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2004-09-20 08:42:48 UTC
SeJo: gdk-pixbuf wasn't marked ppc stable, apparently you only marked gtk+.
Comment 13 Bryan Østergaard (RETIRED) gentoo-dev 2004-09-20 10:54:38 UTC
Stable on alpha.
Comment 14 SpanKY gentoo-dev 2004-09-20 18:11:35 UTC
arm/hppa/ia64/ppc done
Comment 15 Thierry Carrez (RETIRED) gentoo-dev 2004-09-21 04:30:51 UTC
Thx everyone. Ready for a GLSA.
Comment 16 Thierry Carrez (RETIRED) gentoo-dev 2004-09-21 13:55:25 UTC
GLSA 200409-28
Comment 17 Tom Gall (RETIRED) gentoo-dev 2004-10-09 19:14:27 UTC
stable on ppc64, thanks!
Comment 18 Hardave Riar (RETIRED) gentoo-dev 2004-10-16 23:49:44 UTC
Stable on mips.