Linux Security
    Linux Security
    Linux Security

    RedHat: Moderate: gd security update

    Date
    5333
    Posted By
    Updated gd packages that fix several buffer overflow flaws are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
    - ---------------------------------------------------------------------
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: gd security update
    Advisory ID:       RHSA-2006:0194-01
    Advisory URL:      https://rhn.redhat.com/errata/RHSA-2006-0194.html
    Issue date:        2006-02-01
    Updated on:        2006-02-01
    Product:           Red Hat Enterprise Linux
    CVE Names:         CVE-2004-0941
    - ---------------------------------------------------------------------
    
    1. Summary:
    
    Updated gd packages that fix several buffer overflow flaws are now available.
    
    This update has been rated as having moderate security impact by the Red
    Hat Security Response Team.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
    Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
    Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
    Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
    
    3. Problem description:
    
    The gd package contains a graphics library used for the dynamic creation of
    images such as PNG and JPEG.
    
    Several buffer overflow flaws were found in the way gd allocates memory. 
    An attacker could create a carefully crafted image that could execute
    arbitrary code if opened by a victim using a program linked against the gd
    library.  The Common Vulnerabilities and Exposures project (cve.mitre.org)
    assigned the name CVE-2004-0941 to these issues.
    
    Users of gd should upgrade to these updated packages, which contain a
    backported patch and is not vulnerable to these issues.
    
    4. Solution:
    
    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.
    
    This update is available via Red Hat Network.  To use Red Hat Network,
    launch the Red Hat Update Agent with the following command:
    
    up2date
    
    This will start an interactive process that will result in the appropriate
    RPMs being upgraded on your system.
    
    5. Bug IDs fixed (https://bugzilla.redhat.com/):
    
    175413 - CVE-2004-0941 additional overflows in gd
    
    
    6. RPMs required:
    
    Red Hat Enterprise Linux AS version 4:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gd-2.0.28-4.4E.1.src.rpm
    0e1bd5cb5215e65a7120b82132ac6b9e  gd-2.0.28-4.4E.1.src.rpm
    
    i386:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    999a383add1284e00cc25185fae78008  gd-devel-2.0.28-4.4E.1.i386.rpm
    df53c01e62afb6e14d5b8299b68836b0  gd-progs-2.0.28-4.4E.1.i386.rpm
    
    ia64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    e27753d66dc328e1fca00c9817bac747  gd-2.0.28-4.4E.1.ia64.rpm
    cf9a90ececb359b4e178a08e58fbec12  gd-devel-2.0.28-4.4E.1.ia64.rpm
    9784499cf742864a0c185ac5653d03ab  gd-progs-2.0.28-4.4E.1.ia64.rpm
    
    ppc:
    f2aaf2eeb438dc9cdbd2e17d84ab5503  gd-2.0.28-4.4E.1.ppc.rpm
    f9d4a0395e2c95f45eaab554ff81412f  gd-2.0.28-4.4E.1.ppc64.rpm
    38d97c9832e49fcce8e518647f979212  gd-devel-2.0.28-4.4E.1.ppc.rpm
    239b6c7acd59d9b3e01dc4ea2e1bf6d7  gd-progs-2.0.28-4.4E.1.ppc.rpm
    
    s390:
    54c5d0d9c01fea69d85d70d9cd7a5662  gd-2.0.28-4.4E.1.s390.rpm
    54c3a6d08d050e7607518b76a72737d1  gd-devel-2.0.28-4.4E.1.s390.rpm
    ba8a6612e144109d0961f1fe4d301388  gd-progs-2.0.28-4.4E.1.s390.rpm
    
    s390x:
    54c5d0d9c01fea69d85d70d9cd7a5662  gd-2.0.28-4.4E.1.s390.rpm
    1468dfa689881d58ac8bfe6e0166b359  gd-2.0.28-4.4E.1.s390x.rpm
    474c64458e40bea0166796eb711d5045  gd-devel-2.0.28-4.4E.1.s390x.rpm
    ee74f993e7381a5f90aaacaff217c262  gd-progs-2.0.28-4.4E.1.s390x.rpm
    
    x86_64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    9f8f96be348ac13b987a872a80ecae58  gd-2.0.28-4.4E.1.x86_64.rpm
    3435f155aec324ef3cecca6f4d588e28  gd-devel-2.0.28-4.4E.1.x86_64.rpm
    e961c9c4bbe083244017ee6559fcf743  gd-progs-2.0.28-4.4E.1.x86_64.rpm
    
    Red Hat Enterprise Linux Desktop version 4:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gd-2.0.28-4.4E.1.src.rpm
    0e1bd5cb5215e65a7120b82132ac6b9e  gd-2.0.28-4.4E.1.src.rpm
    
    i386:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    999a383add1284e00cc25185fae78008  gd-devel-2.0.28-4.4E.1.i386.rpm
    df53c01e62afb6e14d5b8299b68836b0  gd-progs-2.0.28-4.4E.1.i386.rpm
    
    x86_64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    9f8f96be348ac13b987a872a80ecae58  gd-2.0.28-4.4E.1.x86_64.rpm
    3435f155aec324ef3cecca6f4d588e28  gd-devel-2.0.28-4.4E.1.x86_64.rpm
    e961c9c4bbe083244017ee6559fcf743  gd-progs-2.0.28-4.4E.1.x86_64.rpm
    
    Red Hat Enterprise Linux ES version 4:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gd-2.0.28-4.4E.1.src.rpm
    0e1bd5cb5215e65a7120b82132ac6b9e  gd-2.0.28-4.4E.1.src.rpm
    
    i386:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    999a383add1284e00cc25185fae78008  gd-devel-2.0.28-4.4E.1.i386.rpm
    df53c01e62afb6e14d5b8299b68836b0  gd-progs-2.0.28-4.4E.1.i386.rpm
    
    ia64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    e27753d66dc328e1fca00c9817bac747  gd-2.0.28-4.4E.1.ia64.rpm
    cf9a90ececb359b4e178a08e58fbec12  gd-devel-2.0.28-4.4E.1.ia64.rpm
    9784499cf742864a0c185ac5653d03ab  gd-progs-2.0.28-4.4E.1.ia64.rpm
    
    x86_64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    9f8f96be348ac13b987a872a80ecae58  gd-2.0.28-4.4E.1.x86_64.rpm
    3435f155aec324ef3cecca6f4d588e28  gd-devel-2.0.28-4.4E.1.x86_64.rpm
    e961c9c4bbe083244017ee6559fcf743  gd-progs-2.0.28-4.4E.1.x86_64.rpm
    
    Red Hat Enterprise Linux WS version 4:
    
    SRPMS:
    ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gd-2.0.28-4.4E.1.src.rpm
    0e1bd5cb5215e65a7120b82132ac6b9e  gd-2.0.28-4.4E.1.src.rpm
    
    i386:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    999a383add1284e00cc25185fae78008  gd-devel-2.0.28-4.4E.1.i386.rpm
    df53c01e62afb6e14d5b8299b68836b0  gd-progs-2.0.28-4.4E.1.i386.rpm
    
    ia64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    e27753d66dc328e1fca00c9817bac747  gd-2.0.28-4.4E.1.ia64.rpm
    cf9a90ececb359b4e178a08e58fbec12  gd-devel-2.0.28-4.4E.1.ia64.rpm
    9784499cf742864a0c185ac5653d03ab  gd-progs-2.0.28-4.4E.1.ia64.rpm
    
    x86_64:
    884d6670cd82e39db34c684616dea78c  gd-2.0.28-4.4E.1.i386.rpm
    9f8f96be348ac13b987a872a80ecae58  gd-2.0.28-4.4E.1.x86_64.rpm
    3435f155aec324ef3cecca6f4d588e28  gd-devel-2.0.28-4.4E.1.x86_64.rpm
    e961c9c4bbe083244017ee6559fcf743  gd-progs-2.0.28-4.4E.1.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and 
    details on how to verify the signature are available from
    https://www.redhat.com/security/team/key/#package
    
    7. References:
    
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941
    
    8. Contact:
    
    The Red Hat security contact is .  More contact
    details at https://www.redhat.com/security/team/contact/
    
    Copyright 2006 Red Hat, Inc.
    

    Advisories

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.