INFORMATION BULLETIN
INFORMATION BULLETIN
| PROBLEM: | Two buffer overflow's were discovered in Imlib's - a powerful image loading and rendering library - image loaders for PNM and XPM images, which may result in the execution of arbitrary code. |
| PLATFORM: | Debian GNU/Linux 4.0 (etch) |
| DAMAGE: | Execution of arbitrary code. |
| SOLUTION: | Upgrade to the appropriate version. |
| VULNERABILITY ASSESSMENT: |
The risk is MEDIUM. May result inthe execution of arbitrary code. |
| CVSS 2 BASE SCORE: TEMPORAL SCORE: VECTOR: |
6.4 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:P/E:POC/RL:OF/RC:C) |
| LINKS: | |
| CIAC BULLETIN: | http://www.ciac.org/ciac/bulletins/s-323.shtml |
| ORIGINAL BULLETIN: | http://www.debian.org/security/2008/dsa-1594 |
| CVE: | CVE-2008-2426 |
[***** Start Debian Security Advisory DSA-1594-1 *****]
Stefan Cornelius discovered two buffer overflows in Imlib's - a powerful image loading and rendering library - image loaders for PNM and XPM images, which may result in the execution of arbitrary code.
For the stable distribution (etch), this problem has been fixed in version 1.3.0.0debian1-4+etch1.
For the unstable distribution (sid), this problem has been fixed in version 1.4.0-1.1.
We recommend that you upgrade your imlib2 package.
MD5 checksums of the listed files are available in the original advisory.
[***** End Debian Security Advisory DSA-1594-1 *****]
Voice: +1 866-941-2472 (7 x 24)
E-mail: doecirc@doecirc.energy.gov
World Wide Web: http://www.doecirc.energy.gov/