Ubuntu Security Notice USN-214-1 - Chris Evans discovered several buffer overflows in the libungif library. By tricking an user (or automated system) into processing a specially crafted GIF image, this could be exploited to execute arbitrary code with the privileges of the application using libungif.
ccbe3257524d3fdb082a6e5a23209acfa63fb1f6a865fc10270711e1b6b6c566===========================================================
Ubuntu Security Notice USN-214-1 November 07, 2005
libungif4 vulnerabilities
CVE-2005-2974, CVE-2005-3350
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 4.10 (Breezy Badger)
The following packages are affected:
libungif4g
The problem can be corrected by upgrading the affected package to
version 4.1.0b1-6ubuntu0.1 (for Ubuntu 4.10), 4.1.3-1ubuntu0.1 (for
Ubuntu 5.04), or 4.1.3-2ubuntu0.1 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Chris Evans discovered several buffer overflows in the libungif
library. By tricking an user (or automated system) into processing a
specially crafted GIF image, this could be exploited to execute
arbitrary code with the privileges of the application using libungif.
Updated packages for Ubuntu 4.10:
Source archives:
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.0b1-6ubuntu0.1.diff.gz
Size/MD5: 299066 b1e73895c7e0ad79c0e19e6cdc17e0a0
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.0b1-6ubuntu0.1.dsc
Size/MD5: 654 e77c0c985a9a69be2306521c68c90948
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.0b1.orig.tar.gz
Size/MD5: 351757 20d96eb90cf818a1da093614c44ad3e5
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.0b1-6ubuntu0.1_amd64.deb
Size/MD5: 220664 20b10d4a5722c313fb9087e9637d3932
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.0b1-6ubuntu0.1_amd64.deb
Size/MD5: 36512 7267a1987fbabd4933e000ccb1506db3
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.0b1-6ubuntu0.1_amd64.deb
Size/MD5: 52450 e518ccb9521345253a7195baf59d304c
i386 architecture (x86 compatible Intel/AMD)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.0b1-6ubuntu0.1_i386.deb
Size/MD5: 202984 f68d125ce049c9507756e83bad2549dc
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.0b1-6ubuntu0.1_i386.deb
Size/MD5: 34294 3b22cf5ce6d91f4f9f1c27e9a9ec6d75
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.0b1-6ubuntu0.1_i386.deb
Size/MD5: 51064 ce716cf26fdc0b27230dafea49d005c0
powerpc architecture (Apple Macintosh G3/G4/G5)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.0b1-6ubuntu0.1_powerpc.deb
Size/MD5: 235062 acc2f9eb7dfc2a0f1e4551a2217fc579
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.0b1-6ubuntu0.1_powerpc.deb
Size/MD5: 36562 84f4b4a0ed7e5f5a35b9ac7789e70a3e
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.0b1-6ubuntu0.1_powerpc.deb
Size/MD5: 53420 c0b95884ad01a6ec49aa4a0fbbd71411
Updated packages for Ubuntu 5.04:
Source archives:
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3-1ubuntu0.1.diff.gz
Size/MD5: 27712 4835a55c199b8bad795cb36ccd844b32
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3-1ubuntu0.1.dsc
Size/MD5: 639 7a91eda1b7d0ec48c26f69518e6787f9
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3.orig.tar.gz
Size/MD5: 569667 cb11e300347ad29e502abc6f56fd23df
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-1ubuntu0.1_amd64.deb
Size/MD5: 224438 efe72b94ed939de9b85e556e07fb228d
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-1ubuntu0.1_amd64.deb
Size/MD5: 41158 381aaff6c58f9402275bf37cf3c58abf
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-1ubuntu0.1_amd64.deb
Size/MD5: 57506 88918dea5ab32a782a8e1d731a4b4f24
i386 architecture (x86 compatible Intel/AMD)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-1ubuntu0.1_i386.deb
Size/MD5: 206076 a81c6995f1e3ebbba7ce725171574b59
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-1ubuntu0.1_i386.deb
Size/MD5: 38928 8def52728fce5ef3fcaf3137c3cd2ce3
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-1ubuntu0.1_i386.deb
Size/MD5: 56194 474750d2fddcf82434a136014e1cb2d9
powerpc architecture (Apple Macintosh G3/G4/G5)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-1ubuntu0.1_powerpc.deb
Size/MD5: 238938 f36748ba01f1527ef18be9ccf8c51456
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-1ubuntu0.1_powerpc.deb
Size/MD5: 41242 892f389e108ca0bfbe0346341c88817b
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-1ubuntu0.1_powerpc.deb
Size/MD5: 58440 ed9a1b67bcb7165b6cb4f70048c00ca4
Updated packages for Ubuntu 5.10:
Source archives:
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3-2ubuntu0.1.diff.gz
Size/MD5: 27750 e53abb2025395d9dcbb2a957727bef30
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3-2ubuntu0.1.dsc
Size/MD5: 639 f774bee9e108e9d70816c5cf7e6c0a35
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4_4.1.3.orig.tar.gz
Size/MD5: 569667 cb11e300347ad29e502abc6f56fd23df
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-2ubuntu0.1_amd64.deb
Size/MD5: 221048 9b5a7710353c1f7f8d3ab3a91e6999be
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-2ubuntu0.1_amd64.deb
Size/MD5: 41432 bb6c5e694cf477407ea1d021f045854b
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-2ubuntu0.1_amd64.deb
Size/MD5: 57718 c248516545c8a1062c01397ea262703e
i386 architecture (x86 compatible Intel/AMD)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-2ubuntu0.1_i386.deb
Size/MD5: 207362 bb2048b13a24139776a3c6bed250f56f
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-2ubuntu0.1_i386.deb
Size/MD5: 38672 4f6a453cf554c8a246de612385b699a6
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-2ubuntu0.1_i386.deb
Size/MD5: 55668 dad0b983eda12741dc18ac6898d55559
powerpc architecture (Apple Macintosh G3/G4/G5)
https://security.ubuntu.com/ubuntu/pool/universe/libu/libungif4/libungif-bin_4.1.3-2ubuntu0.1_powerpc.deb
Size/MD5: 240722 cfd899896a119fcabe2ffe06adeed4cb
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4-dev_4.1.3-2ubuntu0.1_powerpc.deb
Size/MD5: 41626 f4cb22787e4fdeb5f84c1e33e955091d
https://security.ubuntu.com/ubuntu/pool/main/libu/libungif4/libungif4g_4.1.3-2ubuntu0.1_powerpc.deb
Size/MD5: 58706 a52ba57b5c9a8e3028572da122dd5a47
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed