
Scientific Linux: Moderate Gegl Update CVE-2012-4433 Heap Overflow

Moderate: gegl security update
Date: Fri, 9 Nov 2012 14:40:29 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Distribution Servers Downtime - 45 minutes on November 13, 2012
Comments: To: "SCIENTIFIC-LINUX-ANNOUNCE@"
 
MIME-Version: 1.0

Hello,

The distribution servers rsync.scientificlinux.org,
ftp.scientificlinux.org, ftp1.scientificlinux.org, and
ftp2.scientificlinux.org will be going down on:

Tuesday November 13, 2012 at 06:00am CST (Chicago)

Affected Machines:
* rsync.scientificlinux.org
* ftp.scientificlinux.org
* ftp1.scientificlinux.org
* ftp2.scientificlinux.org

Begin Downtime:
 November 13, 2012 at 06:00am CST (Chicago)

The downtime is expected to last for 45 minutes.

End Downtime:
 November 13, 2012 at 06:45am CST (Chicago)

For your local time you can run date -d '2012-11-13 06:00 CST'

Maintenance will consist of the following:

Updates to routing tables, this should increase fault tolerance.

Thank you for your patience while we perform this maintenance.

Pat Riehecky

Date: Mon, 12 Nov 2012 16:02:27 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Moderate: gegl on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: gegl security update
Issue Date: 2012-11-12
CVE Numbers: CVE-2012-4433
--

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the gegl utility processed .ppm (Portable Pixel Map) image
files. An attacker could create a specially-crafted .ppm file that, when
opened in gegl, would cause gegl to crash or, potentially, execute
arbitrary code. (CVE-2012-4433)
--

SL6
  x86_64
    gegl-0.1.2-4.el6_3.x86_64.rpm
    gegl-0.1.2-4.el6_3.i686.rpm
    gegl-devel-0.1.2-4.el6_3.i686.rpm
    gegl-devel-0.1.2-4.el6_3.x86_64.rpm
  i386
    gegl-0.1.2-4.el6_3.i686.rpm
    gegl-devel-0.1.2-4.el6_3.i686.rpm

- Scientific Linux Development Team
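
An added illustration of the bug class the advisory names (an integer overflow in an image-size computation that leads to an undersized heap buffer). It is not gegl's code or the upstream fix. The 1 GiB cap `PPM_MAX_BYTES`, the function names and the sample files are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PPM_MAX_BYTES ((size_t)1 << 30)   /* assumed policy cap: 1 GiB of pixels */
typedef struct { uint32_t width, height, maxval; size_t offset, data_bytes; } ppm_info;

/* Unchecked size in 32-bit arithmetic: the product can wrap, so a buffer
 * allocated from it is smaller than the pixel data later written into it. */
static uint32_t ppm_size_unchecked(uint32_t w, uint32_t h, uint32_t bpc) {
    return w * h * 3u * bpc;
}

/* Checked size: divide the cap instead of multiplying the inputs, so no
 * intermediate product can overflow. Returns 0 on success, -1 on rejection. */
static int ppm_size_checked(uint32_t w, uint32_t h, uint32_t bpc, size_t *out) {
    size_t row;
    if (w == 0 || h == 0 || (bpc != 1 && bpc != 2)) return -1;
    if (w > PPM_MAX_BYTES / (3u * bpc)) return -1;
    row = (size_t)w * 3u * bpc;
    if (h > PPM_MAX_BYTES / row) return -1;
    *out = row * h;
    return 0;
}

/* Validate a binary PPM (P6) held in memory before any allocation is made.
 * Header comments ('#') are not handled. Returns 0 if the file is consistent. */
static int ppm_validate(const unsigned char *buf, size_t len, ppm_info *info) {
    char hdr[64] = {0};
    unsigned w, h, maxval;
    int used = 0;
    memcpy(hdr, buf, len < sizeof hdr - 1 ? len : sizeof hdr - 1);
    /* Field widths bound each number so the conversion itself cannot overflow. */
    if (sscanf(hdr, "P6 %9u %9u %5u%n", &w, &h, &maxval, &used) != 3) return -1;
    if (maxval == 0 || maxval > 65535) return -1;
    if (hdr[used] == '\0' || !strchr(" \t\r\n", hdr[used])) return -1;
    info->width = w; info->height = h; info->maxval = maxval;
    info->offset = (size_t)used + 1;      /* one whitespace byte ends the header */
    if (ppm_size_checked(w, h, maxval > 255 ? 2 : 1, &info->data_bytes) != 0) return -1;
    /* The declared dimensions must match the bytes actually present. */
    return (len - info->offset == info->data_bytes) ? 0 : -1;
}

int main(void) {
    static const unsigned char ok[] = "P6\n2 1\n255\nABCDEF";          /* constructed */
    static const unsigned char bad[] = "P6\n65536 65537\n255\nABCDEF"; /* constructed */
    ppm_info i;
    int r_ok = ppm_validate(ok, sizeof ok - 1, &i), r_bad = ppm_validate(bad, sizeof bad - 1, &i);
    printf("wrapped=%u ok=%d bad=%d\n", (unsigned)ppm_size_unchecked(65536, 65537, 1), r_ok, r_bad);
    return 0;
}
```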