Full Disclosure mailing list archives

[USN-21-1] libgd vulnerabilities
From: Martin Pitt <martin.pitt () canonical com>
Date: Wed, 10 Nov 2004 00:23:12 +0100

===========================================================
Ubuntu Security Notice USN-21-1           November 09, 2004
libgd vulnerabilities
CAN-2004-0990
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libgd1-noxpm
libgd1-xpm

The problem can be corrected by upgrading the affected package to
version 1.8.4-36ubuntu0.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in libgd's PNG handling
functions.

If an attacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening the image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP-driven photo website
that lets users upload images. Therefore this vulnerability might lead
to privilege escalation to a web server's privileges.

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd_1.8.4-36ubuntu0.1.diff.gz
      Size/MD5:    10916 c2c530c778e1d3292a548011a51032ad
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd_1.8.4-36ubuntu0.1.dsc
      Size/MD5:      775 bb00a458ec1948cd9706c61be02fe2c7
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd_1.8.4.orig.tar.gz
      Size/MD5:   559248 813625508e31f5c205904a305bdc8669

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-dev_1.8.4-36ubuntu0.1_all.deb
      Size/MD5:     8618 c25e353edc262aab44f7b4669f7e497a
    http://security.ubuntu.com/ubuntu/pool/universe/libg/libgd/libgd1_1.8.4-36ubuntu0.1_all.deb
      Size/MD5:     8606 1f53fe3d1c8721a0cc49d9c06a14d92d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-noxpm-dev_1.8.4-36ubuntu0.1_amd64.deb
      Size/MD5:   118226 76e550f3ddf341474d0e57151a817f08
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-xpm-dev_1.8.4-36ubuntu0.1_amd64.deb
      Size/MD5:   119058 1e7e7dde4d9c3e75cf024c670ce4777b
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-noxpm_1.8.4-36ubuntu0.1_amd64.deb
      Size/MD5:   111626 62013a52e89463e7719ac1996da38b65
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-xpm_1.8.4-36ubuntu0.1_amd64.deb
      Size/MD5:   111966 6dbebfa30099ccb2a9a3f635fd7a0e13

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-noxpm-dev_1.8.4-36ubuntu0.1_i386.deb
      Size/MD5:   113480 2d9c7f28380bbf08c743f618e25137e8
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-xpm-dev_1.8.4-36ubuntu0.1_i386.deb
      Size/MD5:   114024 ac17d4b460aa99c28f56221fbe65b49b
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-noxpm_1.8.4-36ubuntu0.1_i386.deb
      Size/MD5:   108608 56f51fe4d1dfb25a8b595dedf4654d85
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-xpm_1.8.4-36ubuntu0.1_i386.deb
      Size/MD5:   109002 514f150e1c8ba0bb2899ad4b4df76c50

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-noxpm-dev_1.8.4-36ubuntu0.1_powerpc.deb
      Size/MD5:   119384 18296ec9e4086eb3e01c6b7be863ce97
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd-xpm-dev_1.8.4-36ubuntu0.1_powerpc.deb
      Size/MD5:   120238 667f0b624fc6a54ba5d846f00fc9c22e
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-noxpm_1.8.4-36ubuntu0.1_powerpc.deb
      Size/MD5:   112964 9aab88d6c4355bd7d21c33ece7b2571e
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-xpm_1.8.4-36ubuntu0.1_powerpc.deb
      Size/MD5:   113238 dcf54fbd2b5e45981e64b0d29e466123

Attachment: signature.asc
Description: Digital signature
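
The file list in the notice pairs each URL with a "Size/MD5" line. The following is an added example, not part of the original notice or of any Ubuntu tooling: it parses that listing format and checks a downloaded file against it. The function names are hypothetical, and a match only shows the file agrees with the listing; the authenticity of the listing itself rests on the notice's signature.

```python
import hashlib
import os
import re

# Entry format used in the notice: a URL line, then "Size/MD5: <bytes> <md5hex>".
ENTRY_RE = re.compile(
    r"^\s*(?P<url>https?://\S+)\s*\n\s*Size/MD5:\s+(?P<size>\d+)\s+(?P<md5>[0-9a-f]{32})\s*$",
    re.MULTILINE,
)

def parse_listing(text):
    """Return {filename: (size, md5hex)} for every URL + Size/MD5 pair."""
    entries = {}
    for m in ENTRY_RE.finditer(text):
        name = m.group("url").rsplit("/", 1)[-1]
        entries[name] = (int(m.group("size")), m.group("md5"))
    return entries

def verify_file(path, entries):
    """Check one file: 'ok', 'unlisted', 'size-mismatch' or 'md5-mismatch'."""
    expected = entries.get(os.path.basename(path))
    if expected is None:
        return "unlisted"          # never accept a file the notice does not name
    size, md5hex = expected
    if os.path.getsize(path) != size:
        return "size-mismatch"     # cheap check before hashing
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return "ok" if digest.hexdigest() == md5hex else "md5-mismatch"

# Two entries copied from the notice above, used here as parser input.
SAMPLE = """
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd_1.8.4-36ubuntu0.1.dsc
      Size/MD5:      775 bb00a458ec1948cd9706c61be02fe2c7
    http://security.ubuntu.com/ubuntu/pool/main/libg/libgd/libgd1-noxpm_1.8.4-36ubuntu0.1_i386.deb
      Size/MD5:   108608 56f51fe4d1dfb25a8b595dedf4654d85
"""

if __name__ == "__main__":
    for name, (size, md5hex) in parse_listing(SAMPLE).items():
        print(f"{name}: {size} bytes, md5 {md5hex}")
```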