ELSA-2007-0513

ELSA-2007-0513 - Moderate: gimp security update

Type: SECURITY
Severity: MODERATE
Release Date: 2007-09-26

Description


[1.2.3-20.9.el3]
- validate bytesperline header field when loading PCX files (#247570)

[1.2.3-20.8.el3]
- reduce GIMP_MAX_IMAGE_SIZE to 2^18 to detect bogus image widths/heights (#247570)

[1.2.3-20.7.el3]
- replace gimp_error() by gimp_message()/gimp_quit() in a few plugins so they don't crash but gracefully exit when encountering error conditions
- fix endianness issues in the PSP plugin to avoid it doing (seemingly) endless loops when loading images
- fix endianness issues in the PCX plugin which cause it to not detect corrupt images

[1.2.3-20.6.el3]
- add ChangeLog entry to psd-invalid-dimensions patch (#247570)
- validate size values read from files before using them to allocate memory in various file plugins (#247570, patch by Mukund Sivaraman and Raphaël Quinet, adapted)
- detect invalid image data when reading files in several plugins (#247570, patch by Sven Neumann and Raphaël Quinet, adapted)
- validate size values read from files before using them to allocate memory in the PSD and sunras plugins (#247570, patch by Mukund Sivaraman and Sven Neumann, partly adapted)
- add safeguard to avoid crashes while loading corrupt PSD images (#247570, patch by Raphaël Quinet, adapted)
- convert spec file to UTF-8

[1.2.3-20.5.el3]
- use adapted upstream PSD fix by Sven Neumann (#244406)

[1.2.3-20.4.el3]
- refuse to open PSD files with insanely large dimensions (#244406)


Related CVEs


CVE-2006-4519
CVE-2007-2949
CVE-2007-3741

Updated Packages


Columns: Filename, MD5sum, Superseded By Advisory (grouped by Release/Architecture)

Oracle Linux 3 (i386)
  gimp-1.2.3-20.9.el3.src.rpm  cb24fa1db31918a1349d23d811e936f3  -
  gimp-1.2.3-20.9.el3.i386.rpm  3b834112f3ac3002881f8ffbd235354b  -
  gimp-devel-1.2.3-20.9.el3.i386.rpm  a506b6dd5f452a730b1f2725590dc6ed  -
  gimp-perl-1.2.3-20.9.el3.i386.rpm  3b66d3f06c8d196c2e58baf94f2b223d  -

Oracle Linux 3 (x86_64)
  gimp-1.2.3-20.9.el3.src.rpm  cb24fa1db31918a1349d23d811e936f3  -
  gimp-1.2.3-20.9.el3.x86_64.rpm  f51cd2330d760600fc7a31af5a36e2c8  -
  gimp-devel-1.2.3-20.9.el3.x86_64.rpm  b9a3d1921838accc9d8168fa36dc56be  -
  gimp-perl-1.2.3-20.9.el3.x86_64.rpm  7e3a05b11fd01b5cd104cf7a2389107b  -

Oracle Linux 4 (i386)
  gimp-2.0.5-7.0.7.el4.src.rpm  00898f723a510474b72f9c7b4be07bf9  ELSA-2011-0837
  gimp-2.0.5-7.0.7.el4.i386.rpm  a7c1d2eed6beffad5988a530f1d0c6b6  ELSA-2011-0837
  gimp-devel-2.0.5-7.0.7.el4.i386.rpm  63d969027d077e07e8c9a37603f46c44  ELSA-2011-0837

Oracle Linux 4 (ia64)
  gimp-2.0.5-7.0.7.el4.src.rpm  00898f723a510474b72f9c7b4be07bf9  ELSA-2011-0837
  gimp-2.0.5-7.0.7.el4.ia64.rpm  4af0a8e61be57c7f6d272ef8209e2f52  ELSA-2011-0837
  gimp-devel-2.0.5-7.0.7.el4.ia64.rpm  8f251720b334baa4b39f328a40d202d9  ELSA-2011-0837

Oracle Linux 4 (x86_64)
  gimp-2.0.5-7.0.7.el4.src.rpm  00898f723a510474b72f9c7b4be07bf9  ELSA-2011-0837
  gimp-2.0.5-7.0.7.el4.x86_64.rpm  73b2639e0777500e5ac4e7401651c166  ELSA-2011-0837
  gimp-devel-2.0.5-7.0.7.el4.x86_64.rpm  dcafeb12635801dfaabed10886282e89  ELSA-2011-0837

Oracle Linux 5 (i386)
  gimp-2.2.13-2.0.7.el5.src.rpm  075aec8bf3483693e8b5cb7120104b81  ELSA-2013-1778
  gimp-2.2.13-2.0.7.el5.i386.rpm  99b5fa575c49800cea75ada289f6d72b  ELSA-2013-1778
  gimp-devel-2.2.13-2.0.7.el5.i386.rpm  3cf847e9f10974df9cbec1f20ac11f37  ELSA-2013-1778
  gimp-libs-2.2.13-2.0.7.el5.i386.rpm  91714705bada2bf5d687d1dd21b4683e  ELSA-2013-1778

Oracle Linux 5 (ia64)
  gimp-2.2.13-2.0.7.el5.src.rpm  075aec8bf3483693e8b5cb7120104b81  ELSA-2013-1778
  gimp-2.2.13-2.0.7.el5.ia64.rpm  d80969bbb8473e492b8c2ac58684a81e  ELSA-2013-1778
  gimp-devel-2.2.13-2.0.7.el5.ia64.rpm  ea4ca51bb2d8b81c412bb47caee3d51f  ELSA-2013-1778
  gimp-libs-2.2.13-2.0.7.el5.ia64.rpm  454fad4f8c3c78750c2224d71bb2c2df  ELSA-2013-1778

Oracle Linux 5 (x86_64)
  gimp-2.2.13-2.0.7.el5.src.rpm  075aec8bf3483693e8b5cb7120104b81  ELSA-2013-1778
  gimp-2.2.13-2.0.7.el5.x86_64.rpm  e62fff99200fc58e7da05695c9c9ae6d  ELSA-2013-1778
  gimp-devel-2.2.13-2.0.7.el5.i386.rpm  3cf847e9f10974df9cbec1f20ac11f37  ELSA-2013-1778
  gimp-devel-2.2.13-2.0.7.el5.x86_64.rpm  7c2090c34e71db8ce131b1e4d3f7b2ca  ELSA-2013-1778
  gimp-libs-2.2.13-2.0.7.el5.i386.rpm  91714705bada2bf5d687d1dd21b4683e  ELSA-2013-1778
  gimp-libs-2.2.13-2.0.7.el5.x86_64.rpm  34be3720d788dc289899cd903304b108  ELSA-2013-1778



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
