Home page logo
/

bugtraq logo Bugtraq mailing list archives

[ MDVSA-2011:103 ] gimp
From: security () mandriva com
Date: Sun, 29 May 2011 18:37:01 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:103
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : gimp
 Date    : May 29, 2011
 Affected: 2009.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities was discovered and fixed in gimp:
 
 Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in
 GIMP 2.6.11 allows user-assisted remote attackers to cause a denial
 of service (application crash) or possibly execute arbitrary code
 via a long Position field in a plugin configuration file.  NOTE:
 it may be uncommon to obtain a GIMP plugin configuration file from
 an untrusted source that is separate from the distribution of the
 plugin itself (CVE-2010-4540).
 
 Stack-based buffer overflow in the SPHERE DESIGNER plugin in GIMP
 2.6.11 allows user-assisted remote attackers to cause a denial of
 service (application crash) or possibly execute arbitrary code via a
 long Number of lights field in a plugin configuration file.  NOTE:
 it may be uncommon to obtain a GIMP plugin configuration file from
 an untrusted source that is separate from the distribution of the
 plugin itself (CVE-2010-4541).
 
 Stack-based buffer overflow in the GFIG plugin in GIMP 2.6.11
 allows user-assisted remote attackers to cause a denial of service
 (application crash) or possibly execute arbitrary code via a long
 Foreground field in a plugin configuration file.  NOTE: it may be
 uncommon to obtain a GIMP plugin configuration file from an untrusted
 source that is separate from the distribution of the plugin itself
 (CVE-2010-4542).
 
 Heap-based buffer overflow in the read_channel_data function in
 file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows
 remote attackers to cause a denial of service (application crash)
 or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE
 compression) image file that begins a long run count at the end of
 the image (CVE-2010-4543, CVE-2011-1782).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1782
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 7c02d4aa8eae727861eb0920dd3483b2  2009.0/i586/gimp-2.4.7-1.2mdv2009.0.i586.rpm
 45c06cdb705f4c617b71bec50c455c26  2009.0/i586/gimp-python-2.4.7-1.2mdv2009.0.i586.rpm
 57fb06ee874653cf94881817b6690394  2009.0/i586/libgimp2.0_0-2.4.7-1.2mdv2009.0.i586.rpm
 91a7961f7e95b7597a97a5548814c063  2009.0/i586/libgimp2.0-devel-2.4.7-1.2mdv2009.0.i586.rpm 
 20e6ed8705feb5acb1cdaf7831beeeee  2009.0/SRPMS/gimp-2.4.7-1.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 ab317b4e3f3be709a2873f84ce30c215  2009.0/x86_64/gimp-2.4.7-1.2mdv2009.0.x86_64.rpm
 8a6bfb9b582f2a0d9cccd5a972b568e4  2009.0/x86_64/gimp-python-2.4.7-1.2mdv2009.0.x86_64.rpm
 941103b8e1655a5a064192bd6e20b6a9  2009.0/x86_64/lib64gimp2.0_0-2.4.7-1.2mdv2009.0.x86_64.rpm
 dd8c18b873a2178540d32285dee26879  2009.0/x86_64/lib64gimp2.0-devel-2.4.7-1.2mdv2009.0.x86_64.rpm 
 20e6ed8705feb5acb1cdaf7831beeeee  2009.0/SRPMS/gimp-2.4.7-1.2mdv2009.0.src.rpm

 Mandriva Linux 2010.1:
 b4934e6c63a58a89e26ce5a8bd4dd0aa  2010.1/i586/gimp-2.6.8-3.1mdv2010.2.i586.rpm
 cf9cd4f6c93ca1108daaa839441e41a3  2010.1/i586/gimp-python-2.6.8-3.1mdv2010.2.i586.rpm
 c096ed34e2e0272272d01bc01b640bfb  2010.1/i586/libgimp2.0_0-2.6.8-3.1mdv2010.2.i586.rpm
 df803b5a43613d2b67c3cf61bbb1e39c  2010.1/i586/libgimp2.0-devel-2.6.8-3.1mdv2010.2.i586.rpm 
 74c23d2b743d532a989e7dec401e1f66  2010.1/SRPMS/gimp-2.6.8-3.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 e8458c9df877106443fac58d804c9465  2010.1/x86_64/gimp-2.6.8-3.1mdv2010.2.x86_64.rpm
 26edfcc18b11395426f7fcdbf0b08b2f  2010.1/x86_64/gimp-python-2.6.8-3.1mdv2010.2.x86_64.rpm
 874338737686abb415ee3df1efb3a57e  2010.1/x86_64/lib64gimp2.0_0-2.6.8-3.1mdv2010.2.x86_64.rpm
 c11c04938bac89c9735429a4fcbd276e  2010.1/x86_64/lib64gimp2.0-devel-2.6.8-3.1mdv2010.2.x86_64.rpm 
 74c23d2b743d532a989e7dec401e1f66  2010.1/SRPMS/gimp-2.6.8-3.1mdv2010.2.src.rpm

 Mandriva Enterprise Server 5:
 a858be803cf318a4bf65cb3f98537928  mes5/i586/gimp-2.4.7-1.2mdvmes5.2.i586.rpm
 34f3115b398f3e8c0c0ff3570c133db2  mes5/i586/gimp-python-2.4.7-1.2mdvmes5.2.i586.rpm
 9bd4f53d61bc99f82aa0c202832a1e31  mes5/i586/libgimp2.0_0-2.4.7-1.2mdvmes5.2.i586.rpm
 c4a5ff2e425ce131a5366108e5275cf9  mes5/i586/libgimp2.0-devel-2.4.7-1.2mdvmes5.2.i586.rpm 
 4211449a29646f79f66586d858833f1d  mes5/SRPMS/gimp-2.4.7-1.2mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 728cc2a6f12144650862438c9675f3e6  mes5/x86_64/gimp-2.4.7-1.2mdvmes5.2.x86_64.rpm
 96586a84019b3da23e0da6b64c8deb7b  mes5/x86_64/gimp-python-2.4.7-1.2mdvmes5.2.x86_64.rpm
 eed9cf47737fa79778b4907c8d7ee274  mes5/x86_64/lib64gimp2.0_0-2.4.7-1.2mdvmes5.2.x86_64.rpm
 7ae6020f94251df98fe667336677b25e  mes5/x86_64/lib64gimp2.0-devel-2.4.7-1.2mdvmes5.2.x86_64.rpm 
 4211449a29646f79f66586d858833f1d  mes5/SRPMS/gimp-2.4.7-1.2mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFN4kbemqjQ0CJFipgRAt+yAKCZRS8hvsbbv0x4neqZ9BvIh9TN3ACcDDgR
yhS4p+P7b9jJKyzsYSUV3DM=
=eQm1
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • [ MDVSA-2011:103 ] gimp security (May 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault