Linux Security
    Linux Security
    Linux Security

    Debian: New xloadimage packages fix arbitrary code execution

    Date
    6693
    Posted By
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 858-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    October 10th, 2005                      https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : xloadimage
    Vulnerability  : buffer overflows
    Problem type   : local (remote)
    Debian-specific: no
    CVE ID         : CAN-2005-3178
    Debian Bug     : 332524
    
    Ariel Berkman discovered several buffer overflows in xloadimage, a
    graphics file viewer for X11, that can be exploited via large image
    titles and cause the execution of arbitrary code.
    
    For the old stable distribution (woody) these problems have been fixed in
    version 4.1-10woody2.
    
    For the stable distribution (sarge) these problems have been fixed in
    version 4.1-14.3.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 4.1-15.
    
    We recommend that you upgrade your xloadimage package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2.dsc
          Size/MD5 checksum:      608 2b194d25f2cd86d8c1b1f2f5a467bcc9
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2.diff.gz
          Size/MD5 checksum:    50186 53a9172758b709cf3f0e99936d47c4a4
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1.orig.tar.gz
          Size/MD5 checksum:   596021 7331850fc04056ab8ae6b5725d1fb3d2
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_alpha.deb
          Size/MD5 checksum:   139088 7be358557b829074706d31d8e02482e6
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_arm.deb
          Size/MD5 checksum:   111128 6b7317be277325f505f73e15e4a2e5d1
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_i386.deb
          Size/MD5 checksum:   105382 0ab75115524b1bc8de2e6ef3f4a44eeb
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_ia64.deb
          Size/MD5 checksum:   169892 25d4ed26d2a77ef23e496daf5f7123e0
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_hppa.deb
          Size/MD5 checksum:   125956 92a18e4bfb850b4e0d45edd854241bef
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_m68k.deb
          Size/MD5 checksum:    99060 d8b7db59ee60184b1c6655d44ae9d8ab
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_mips.deb
          Size/MD5 checksum:   119736 3224dc48075eebeb2204e24f41a9be8b
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_mipsel.deb
          Size/MD5 checksum:   119622 0309e0d20f98b0baf6b9d464dc2f9c92
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_powerpc.deb
          Size/MD5 checksum:   112998 bb0d48772430bacf901f91413e58b8cb
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_s390.deb
          Size/MD5 checksum:   113296 7704a714f140c824f9a76a68bb0cf5fb
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_sparc.deb
          Size/MD5 checksum:   115220 c42cc65553599e953baf2140c5f63365
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3.dsc
          Size/MD5 checksum:      613 c22e9b8a14b2e3cb09db7b0eaaceb74e
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3.diff.gz
          Size/MD5 checksum:    66821 75afd2e1725f602ea7ee6c31677de491
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1.orig.tar.gz
          Size/MD5 checksum:   596021 7331850fc04056ab8ae6b5725d1fb3d2
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_alpha.deb
          Size/MD5 checksum:   144484 b56080219d894c106d3930893e0c5efb
    
      AMD64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_amd64.deb
          Size/MD5 checksum:   117762 f96ca8e4fd5c8181508cda671e250835
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_arm.deb
          Size/MD5 checksum:   113260 6f70e2fd9b04aab3acb31e8f32d8004f
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_i386.deb
          Size/MD5 checksum:   112570 939143ec3b3c1a9de86a3d239c21dd9d
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_ia64.deb
          Size/MD5 checksum:   168800 ce97c7a1db1491382d7bec6388920098
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_hppa.deb
          Size/MD5 checksum:   127336 307fcd295e7f63204f21c3484dc07d84
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_m68k.deb
          Size/MD5 checksum:   102792 bd1d5a3337433499a89946f6377ac3c6
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_mips.deb
          Size/MD5 checksum:   124776 8bfe51681d7619d7850325ea00f87f5a
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_mipsel.deb
          Size/MD5 checksum:   125416 027a884f264f32c67b1d5cc0c9d48e98
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_powerpc.deb
          Size/MD5 checksum:   120466 3ed583a03a58367e6e26d99d1f30f050
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_s390.deb
          Size/MD5 checksum:   120484 3990984d86ef50845d894b57d0036f36
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_sparc.deb
          Size/MD5 checksum:   112758 d9d7f94f2722b0a9b1fd7ea09955e3e7
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    Advisories

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.