What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2009-3011
2009-03-25 15:23:17
--------------------------------------------------------------------------------Name        : argyllcms
Product     : Fedora 10
Version     : 1.0.3
Release     : 3.fc10
URL         : http://www.argyllcms.com/
Summary     : ICC compatible color management system
Description :
The Argyll color management system supports accurate ICC profile creation for
scanners, CMYK printers, film recorders and calibration and profiling of
displays.

Spectral sample data is supported, allowing a selection of illuminants observer
types, and paper fluorescent whitener additive compensation. Profiles can also
incorporate source specific gamut mappings for perceptual and saturation
intents. Gamut mapping and profile linking uses the CIECAM02 appearance model,
a unique gamut mapping algorithm, and a wide selection of rendering intents. It
also includes code for the fastest portable 8 bit raster color conversion
engine available anywhere, as well as support for fast, fully accurate 16 bit
conversion. Device color gamuts can also be viewed and compared using a VRML
viewer.

--------------------------------------------------------------------------------Update Information:

Multiple integer overflows were found in the International Color  Consortium
Format Library (icclib). An attacker could use this flaw to  potentially execute
arbitrary code by requesting to translate a specially-  crafted image file
created on one device into another's device native color  space via a device
file.
--------------------------------------------------------------------------------ChangeLog:

* Mon Mar 23 2009 Jon Ciesla  - 1.0.3-3
- Patch for ICC library CVE-2009-{0583, 0584} by Tim Waugh.
* Mon Feb 23 2009 Fedora Release Engineering  - 1.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #487742 - CVE-2009-0583 ghostscript: Multiple integer overflows in the International Color Consortium Format Library
        https://bugzilla.redhat.com/show_bug.cgi?id=487742
  [ 2 ] Bug #487744 - CVE-2009-0584 ghostscript: Multiple insufficient upper-bounds checks on certain sizes in the International Color Consortium Format Library
        https://bugzilla.redhat.com/show_bug.cgi?id=487744
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update argyllcms' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 10 Update: argyllcms-1.0.3-3.fc10

March 25, 2009
Multiple integer overflows were found in the International Color Consortium Format Library (icclib)

Summary

The Argyll color management system supports accurate ICC profile creation for

scanners, CMYK printers, film recorders and calibration and profiling of

displays.

Spectral sample data is supported, allowing a selection of illuminants observer

types, and paper fluorescent whitener additive compensation. Profiles can also

incorporate source specific gamut mappings for perceptual and saturation

intents. Gamut mapping and profile linking uses the CIECAM02 appearance model,

a unique gamut mapping algorithm, and a wide selection of rendering intents. It

also includes code for the fastest portable 8 bit raster color conversion

engine available anywhere, as well as support for fast, fully accurate 16 bit

conversion. Device color gamuts can also be viewed and compared using a VRML

viewer.

Multiple integer overflows were found in the International Color Consortium

Format Library (icclib). An attacker could use this flaw to potentially execute

arbitrary code by requesting to translate a specially- crafted image file

created on one device into another's device native color space via a device

file.

* Mon Mar 23 2009 Jon Ciesla - 1.0.3-3

- Patch for ICC library CVE-2009-{0583, 0584} by Tim Waugh.

* Mon Feb 23 2009 Fedora Release Engineering - 1.0.3-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

[ 1 ] Bug #487742 - CVE-2009-0583 ghostscript: Multiple integer overflows in the International Color Consortium Format Library

https://bugzilla.redhat.com/show_bug.cgi?id=487742

[ 2 ] Bug #487744 - CVE-2009-0584 ghostscript: Multiple insufficient upper-bounds checks on certain sizes in the International Color Consortium Format Library

https://bugzilla.redhat.com/show_bug.cgi?id=487744

su -c 'yum update argyllcms' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

http://fedoraproject.org/keys

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2009-3011 2009-03-25 15:23:17 Product : Fedora 10 Version : 1.0.3 Release : 3.fc10 URL : http://www.argyllcms.com/ Summary : ICC compatible color management system Description : The Argyll color management system supports accurate ICC profile creation for scanners, CMYK printers, film recorders and calibration and profiling of displays. Spectral sample data is supported, allowing a selection of illuminants observer types, and paper fluorescent whitener additive compensation. Profiles can also incorporate source specific gamut mappings for perceptual and saturation intents. Gamut mapping and profile linking uses the CIECAM02 appearance model, a unique gamut mapping algorithm, and a wide selection of rendering intents. It also includes code for the fastest portable 8 bit raster color conversion engine available anywhere, as well as support for fast, fully accurate 16 bit conversion. Device color gamuts can also be viewed and compared using a VRML viewer. Multiple integer overflows were found in the International Color Consortium Format Library (icclib). An attacker could use this flaw to potentially execute arbitrary code by requesting to translate a specially- crafted image file created on one device into another's device native color space via a device file. * Mon Mar 23 2009 Jon Ciesla - 1.0.3-3 - Patch for ICC library CVE-2009-{0583, 0584} by Tim Waugh. * Mon Feb 23 2009 Fedora Release Engineering - 1.0.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild [ 1 ] Bug #487742 - CVE-2009-0583 ghostscript: Multiple integer overflows in the International Color Consortium Format Library https://bugzilla.redhat.com/show_bug.cgi?id=487742 [ 2 ] Bug #487744 - CVE-2009-0584 ghostscript: Multiple insufficient upper-bounds checks on certain sizes in the International Color Consortium Format Library https://bugzilla.redhat.com/show_bug.cgi?id=487744 su -c 'yum update argyllcms' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 10
Version : 1.0.3
Release : 3.fc10
URL : http://www.argyllcms.com/
Summary : ICC compatible color management system

Related News

The Rust Foundation to Develop Training and Certification Program

Dec 3, 2023

Linus Torvalds on the State of Linux Today and How AI Figures in Its Future

Dec 6, 2023

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo