Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Slackware: 2023-214-07 Urgent: PNG Image Processor Vulnerability Exposed

slackware
Calendar Grey July 15, 2005
Dist Slackware Esm H88
New XV image viewer packages fix format string crash and arbitrary code execution issues for Slackware users.
New XV image viewer packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues

Summary

Here are the details from the Slackware 10.1 ChangeLog: patches/packages/xv-3.10a-i486-4.tgz: Upgraded to the latest XV jumbo patches, xv-3.10a-jumbo-fix-patch-20050410 and xv-3.10a-jumbo-enh-patch-20050501. These fix a number of format string and other possible security issues in addition to providing many other bugfixes and enhancements. (Thanks to Greg Roelofs) (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical slackware execution risk image viewer

Where Find New Packages

Updated package for Slackware 8.1: ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/xv-3.10a-i386-4.tgz
Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/xv-3.10a-i386-4.tgz
Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/xv-3.10a-i486-4.tgz
Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xv-3.10a-i486-4.tgz
Updated package for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xv-3.10a-i486-4.tgz
Updated package for Slackware -current:

MD5 Signatures

Slackware 8.1 package: 93a5c439abfd38c5756ec722241933dc xv-3.10a-i386-4.tgz
Slackware 9.0 package: ab790daee1531ed6ee311831717e2933 xv-3.10a-i386-4.tgz
Slackware 9.1 package: aaf1269856d9239209d8c4b0ae28869f xv-3.10a-i486-4.tgz
Slackware 10.0 package: 8b9c9898f5a90ffde882ae588b1ea8bc xv-3.10a-i486-4.tgz
Slackware 10.1 package: 21173a21c6423f952d944c0b3712a4d6 xv-3.10a-i486-4.tgz
Slackware -current package: 4ce3ef84a524093467466f0df30c2672 xv-3.10a-i486-4.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical slackware execution risk image viewer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg xv-3.10a-i486-4.tgz

Related News

Your message here