Ubuntu Security Notice 595-1

Ubuntu Security Notice 595-1: Posted Mar 26, 2008; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 595-1 - Michael Skladnikiewicz discovered that SDL_image did not correctly load GIF images. If a user or automated system were tricked into processing a specially crafted GIF, a remote attacker could execute arbitrary code or cause a crash, leading to a denial of service. David Raulo discovered that SDL_image did not correctly load ILBM images. If a user or automated system were tricked into processing a specially crafted ILBM, a remote attacker could execute arbitrary code or cause a crash, leading to a denial of service.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2008-0544, CVE-2007-6697; SHA-256 | 8787a0170078a9d1a7576ce3ff41cf570558373d705eef090cfb9ca7e6eb0737; Download | Favorite | View

Ubuntu Security Notice 595-1

=========================================================== 
Ubuntu Security Notice USN-595-1             March 26, 2008
sdl-image1.2 vulnerabilities
CVE-2007-6697, CVE-2008-0544
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libsdl-image1.2                 1.2.4-1ubuntu0.1

Ubuntu 6.10:
  libsdl-image1.2                 1.2.5-2ubuntu0.6.10.1

Ubuntu 7.04:
  libsdl-image1.2                 1.2.5-2ubuntu0.7.04.1

Ubuntu 7.10:
  libsdl-image1.2                 1.2.5-3ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Michael Skladnikiewicz discovered that SDL_image did not correctly load
GIF images.  If a user or automated system were tricked into processing
a specially crafted GIF, a remote attacker could execute arbitrary code
or cause a crash, leading to a denial of service. (CVE-2007-6697)

David Raulo discovered that SDL_image did not correctly load ILBM images.
If a user or automated system were tricked into processing a specially
crafted ILBM, a remote attacker could execute arbitrary code or cause
a crash, leading to a denial of service. (CVE-2008-0544)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.4-1ubuntu0.1.diff.gz
      Size/MD5:    27731 f25861d21b3b2222ff604b849c3842fb
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.4-1ubuntu0.1.dsc
      Size/MD5:      703 4a7bab926b499874e626476a24d59192
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.4.orig.tar.gz
      Size/MD5:   841885 70bf617f99e51a2c94550fc79d542f0b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.4-1ubuntu0.1_amd64.deb
      Size/MD5:    34740 ab68facb50821f78f5d4511bce334a51
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.4-1ubuntu0.1_amd64.deb
      Size/MD5:    28972 1e1a9448740510f93fe01bd88d46b502

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.4-1ubuntu0.1_i386.deb
      Size/MD5:    31012 e838fe7522ad48cdfc95bfdc73de320f
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.4-1ubuntu0.1_i386.deb
      Size/MD5:    26768 93e3957bb91a6268bb1030155f955f4d

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.4-1ubuntu0.1_powerpc.deb
      Size/MD5:    35198 117d57af8e4ce8e55315dcfd9749ebf3
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.4-1ubuntu0.1_powerpc.deb
      Size/MD5:    29798 60d44fc21e806b31c03760aebcf14b64

  sparc architecture (Sun SPARC/UltraSPARC):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.4-1ubuntu0.1_sparc.deb
      Size/MD5:    32956 fede4369525cfe7e1b0f03c95a700ba7
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.4-1ubuntu0.1_sparc.deb
      Size/MD5:    27422 7adb8093da72732c65ce0dc0bb76d932

Updated packages for Ubuntu 6.10:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2ubuntu0.6.10.1.diff.gz
      Size/MD5:    12438 722a44ed315b6bd0761bd4b55491b4c2
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2ubuntu0.6.10.1.dsc
      Size/MD5:      715 ed059f756a27f70abad413f43813dfe6
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5.orig.tar.gz
      Size/MD5:  1308637 cd006109a73bf7dcc93e1c3ed15ee782

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.6.10.1_amd64.deb
      Size/MD5:    38162 e70127ca5a699f4ae80d25f4393eb2b1
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.6.10.1_amd64.deb
      Size/MD5:    31304 9d1e30e1dbc8a47d50347fec9e2ae308

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.6.10.1_i386.deb
      Size/MD5:    34772 25d73b30f2fad8dbb592446b623d10d4
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.6.10.1_i386.deb
      Size/MD5:    29518 b0a4357caad50210e006d5714e9ba4ce

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.6.10.1_powerpc.deb
      Size/MD5:    39348 b68e0281277b12ee0b60ac03a9793d9f
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.6.10.1_powerpc.deb
      Size/MD5:    32732 d0d78d804a532f8fdef5458317871f9f

  sparc architecture (Sun SPARC/UltraSPARC):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.6.10.1_sparc.deb
      Size/MD5:    36452 1fe5217484b152f2fe564e82ebbbc94b
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.6.10.1_sparc.deb
      Size/MD5:    29856 bcad33139b674dd652af6fcc48c607a8

Updated packages for Ubuntu 7.04:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2ubuntu0.7.04.1.diff.gz
      Size/MD5:    12496 b7fab5d4c24566e0b6687c4f1965d356
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-2ubuntu0.7.04.1.dsc
      Size/MD5:      799 1164a9560c489027b5f7c35c0ff88940
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5.orig.tar.gz
      Size/MD5:  1308637 cd006109a73bf7dcc93e1c3ed15ee782

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.7.04.1_amd64.deb
      Size/MD5:    38086 3865a5c45b1f93f85093d497605978da
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.7.04.1_amd64.deb
      Size/MD5:    31678 6ffdff8cd099fa61bbd642010855470b

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.7.04.1_i386.deb
      Size/MD5:    34636 1101c9993d3bd36dce2b30d49c13e735
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.7.04.1_i386.deb
      Size/MD5:    29846 e45ba5dbe02a80dabfe2bfe9a14eb0de

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.7.04.1_powerpc.deb
      Size/MD5:    39218 3a9de5d81673a486dcd67422b04cba3d
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.7.04.1_powerpc.deb
      Size/MD5:    34488 a99d88e2c4f4be1bf9b54a4408b6da9f

  sparc architecture (Sun SPARC/UltraSPARC):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-2ubuntu0.7.04.1_sparc.deb
      Size/MD5:    36304 7800adda592b293e5b3bddba909765d1
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-2ubuntu0.7.04.1_sparc.deb
      Size/MD5:    30212 94bffe0f402269e7d697c5c2a42ab8ec

Updated packages for Ubuntu 7.10:

  Source archives:

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-3ubuntu0.1.diff.gz
      Size/MD5:    27013 918b44bd4851bc05e539d0b4462da7aa
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5-3ubuntu0.1.dsc
      Size/MD5:      789 e8c98a5eba6615818895b7c7df91e294
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/sdl-image1.2_1.2.5.orig.tar.gz
      Size/MD5:  1308637 cd006109a73bf7dcc93e1c3ed15ee782

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-3ubuntu0.1_amd64.deb
      Size/MD5:    38238 d972ea754a2ad5267e861fbfbc685ffb
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-3ubuntu0.1_amd64.deb
      Size/MD5:    31760 cf98987b70c07bf213d872db9de38d48

  i386 architecture (x86 compatible Intel/AMD):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-3ubuntu0.1_i386.deb
      Size/MD5:    34732 6302e8d01dbdb7abcbf73c3b29da4260
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-3ubuntu0.1_i386.deb
      Size/MD5:    29892 c9dab7a7643a65e78b2abfe56074679e

  powerpc architecture (Apple Macintosh G3/G4/G5):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-3ubuntu0.1_powerpc.deb
      Size/MD5:    39326 79e6eca19a9b299fa6889125705371e7
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-3ubuntu0.1_powerpc.deb
      Size/MD5:    34546 9c67ead459d5ac24e3851e7aca6f1771

  sparc architecture (Sun SPARC/UltraSPARC):

    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2-dev_1.2.5-3ubuntu0.1_sparc.deb
      Size/MD5:    36364 5dc30616c96abfaf72bf409bca419f83
    https://security.ubuntu.com/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-3ubuntu0.1_sparc.deb
      Size/MD5:    30324 a04f1db06575cd845bab268ce7231264

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

Ubuntu Security Notice 595-1

Ubuntu Security Notice 595-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 595-1

Share This

Ubuntu Security Notice 595-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems