Debian: DSA-2426-1: gimp security update

    Date06 Mar 2012
    CategoryDebian
    39
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been identified in GIMP, the GNU Image Manipulation Program. CVE-2010-4540
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-2426-1                   security@debian.org
    http://www.debian.org/security/                            Florian Weimer
    March 06, 2012                         http://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : gimp
    Vulnerability  : several
    Problem type   : local
    Debian-specific: no
    CVE ID         : CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543
                     CVE-2011-1782 CVE-2011-2896
    
    Several vulnerabilities have been identified in GIMP, the GNU Image
    Manipulation Program.
    
    CVE-2010-4540
    	Stack-based buffer overflow in the load_preset_response
    	function in plug-ins/lighting/lighting-ui.c in the "LIGHTING
    	EFFECTS > LIGHT" plugin allows user-assisted remote attackers
    	to cause a denial of service (application crash) or possibly
    	execute arbitrary code via a long Position field in a plugin
    	configuration file.
    
    CVE-2010-4541
    	Stack-based buffer overflow in the loadit function in
    	plug-ins/common/sphere-designer.c in the SPHERE DESIGNER
    	plugin allows user-assisted remote attackers to cause a denial
    	of service (application crash) or possibly execute arbitrary
    	code via a long "Number of lights" field in a plugin
    	configuration file.
    
    CVE-2010-4542
    	Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb
    	function in in the GFIG plugin allows user-assisted remote
    	attackers to cause a denial of service (application crash) or
    	possibly execute arbitrary code via a long Foreground field in a
    	plugin configuration file.
    
    CVE-2010-4543
    	Heap-based buffer overflow in the read_channel_data function in
    	file-psp.c in the Paint Shop Pro (PSP) plugin allows remote
    	attackers to cause a denial of service (application crash) or
    	possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE
    	compression) image file that begins a long run count at the end
    	of the image.
    
    CVE-2011-1782
    	The correction for CVE-2010-4543 was incomplete.
    
    CVE-2011-2896
    	The LZW decompressor in the LZWReadByte function in
    	plug-ins/common/file-gif-load.c does not properly handle code
    	words that are absent from the decompression table when
    	encountered, which allows remote attackers to trigger an
    	infinite loop or a heap-based buffer overflow, and possibly
    	execute arbitrary code, via a crafted compressed stream.
    
    
    For the stable distribution (squeeze), these problems have been fixed in
    version 2.6.10-1+squeeze3.
    
    For the testing distribution (wheezy) and the unstable distribution
    (sid), these problems have been fixed in version 2.6.11-5.
    
    We recommend that you upgrade your gimp packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.