
Red Hat: RHSA-2007:0513-01 Moderate: GIMP Image Loader Exploits

Updated gimp packages that fix several security issues are now available for Red Hat Enterprise Linux. Multiple integer overflow and input validation flaws were found in The GIMP's image loaders. An attacker could create a carefully crafted image file that could cause The GIMP to crash or possibly execute arbitrary code if the file was opened by a victim.
---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: gimp security update
Advisory ID:       RHSA-2007:0513-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0513.html
Issue date:        2007-09-26
Updated on:        2007-09-26
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-4519 CVE-2007-2949 CVE-2007-3741 
---------------------------------------------------------------------

1. Summary:

Updated gimp packages that fix several security issues are now available
for Red Hat Enterprise Linux.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1  - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The GIMP (GNU Image Manipulation Program) is an image composition and
editing program.

Multiple integer overflow and input validation flaws were found in The
GIMP's image loaders.  An attacker could create a carefully crafted image
file that could cause The GIMP to crash or possibly execute arbitrary code
if the file was opened by a victim. (CVE-2006-4519, CVE-2007-2949,
CVE-2007-3741)

Users of The GIMP should update to these erratum packages, which contain a
backported fix to correct these issues.
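
The flaw class named above (an integer overflow combined with missing input validation in an image loader), shown on a hypothetical toy header. This is an added illustration, not code from GIMP or Red Hat; the `TOY1` layout, the limits and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical toy header (an assumption for this example, not a real
 * GIMP or PSD layout):
 *   bytes 0-3   magic "TOY1"
 *   bytes 4-7   width,  big-endian u32
 *   bytes 8-11  height, big-endian u32
 *   byte  12    channels (1..4), one byte per channel per pixel */
#define TOY_HEADER_LEN 13u
#define TOY_MAX_DIM    262144u  /* assumed per-dimension sanity cap */

enum toy_status {
    TOY_OK = 0, TOY_TRUNCATED, TOY_BAD_MAGIC,
    TOY_BAD_DIMS, TOY_BAD_CHANNELS, TOY_TOO_LARGE
};

static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Builds a constructed sample header for the demo below. */
void toy_make_header(unsigned char out[TOY_HEADER_LEN],
                     uint32_t w, uint32_t h, unsigned char channels)
{
    memcpy(out, "TOY1", 4);
    out[4] = (unsigned char)(w >> 24); out[5] = (unsigned char)(w >> 16);
    out[6] = (unsigned char)(w >> 8);  out[7] = (unsigned char)w;
    out[8] = (unsigned char)(h >> 24); out[9] = (unsigned char)(h >> 16);
    out[10] = (unsigned char)(h >> 8); out[11] = (unsigned char)h;
    out[12] = channels;
}

/* Flawed pattern: the product is computed in 32 bits and wraps silently,
 * so the buffer size derived from it is far smaller than the pixel data
 * the loader will later write. */
uint32_t naive_pixel_bytes(uint32_t w, uint32_t h, uint32_t channels)
{
    return w * h * channels;
}

/* Hardened pattern: validate every header field first, then compute the
 * size in 64 bits and compare it with the caller's allocation budget. */
enum toy_status checked_pixel_bytes(const unsigned char *buf, size_t len,
                                    size_t max_bytes, size_t *out)
{
    uint32_t w, h, c;
    uint64_t total;

    if (buf == NULL || out == NULL || len < TOY_HEADER_LEN)
        return TOY_TRUNCATED;               /* never read past the input */
    if (memcmp(buf, "TOY1", 4) != 0)
        return TOY_BAD_MAGIC;
    w = be32(buf + 4);
    h = be32(buf + 8);
    c = buf[12];
    if (w == 0 || h == 0 || w > TOY_MAX_DIM || h > TOY_MAX_DIM)
        return TOY_BAD_DIMS;
    if (c < 1 || c > 4)
        return TOY_BAD_CHANNELS;
    /* w, h <= 2^18 and c <= 4, so the product is at most 2^38 and
     * cannot wrap a 64-bit integer. */
    total = (uint64_t)w * h * c;
    if (total > max_bytes)
        return TOY_TOO_LARGE;
    *out = (size_t)total;                   /* safe: total <= max_bytes */
    return TOY_OK;
}

int main(void)
{
    unsigned char hdr[TOY_HEADER_LEN];
    size_t n = 0;

    /* Constructed input: both dimensions pass the per-dimension cap,
     * but their product does not fit in 32 bits. */
    toy_make_header(hdr, 65537u, 65537u, 1);
    printf("naive size: %u bytes\n",
           (unsigned)naive_pixel_bytes(65537u, 65537u, 1u));
    printf("checked rc: %d (TOY_TOO_LARGE is %d)\n",
           (int)checked_pixel_bytes(hdr, sizeof hdr, (size_t)1 << 28, &n),
           (int)TOY_TOO_LARGE);
    return 0;
}
```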

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

244400 - CVE-2007-2949 Gimp PSD integer overflow
247565 - CVE-2006-4519 GIMP multiple image loader integer overflows
248053 - CVE-2007-3741 Gimp image loader multiple input validation flaws

6. RPMs required:

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2006-4519
https://www.cve.org/CVERecord?id=CVE-2007-2949
https://www.cve.org/CVERecord?id=CVE-2007-3741
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.
