Mandriva Linux Security Advisory 2009-121 - Multiple security vulnerabilities has been identified and fixed in Little CMS. A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel. A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file. This update provides fixes for these issues.
128b2e6b39bb8559db988ef3a065a0a1f8e056209cbe8d7fa77bda7e09b9db5f
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:121
https://www.mandriva.com/security/
_______________________________________________________________________
Package : lcms
Date : May 21, 2009
Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities has been identified and fixed in
Little cms:
A memory leak flaw allows remote attackers to cause a denial of service
(memory consumption and application crash) via a crafted image file
(CVE-2009-0581).
Multiple integer overflows allow remote attackers to execute arbitrary
code via a crafted image file that triggers a heap-based buffer
overflow (CVE-2009-0723).
Multiple stack-based buffer overflows allow remote attackers to
execute arbitrary code via a crafted image file associated with a large
integer value for the (1) input or (2) output channel (CVE-2009-0733).
A flaw in the transformations of monochrome profiles allows remote
attackers to cause denial of service triggered by a NULL pointer
dereference via a crafted image file (CVE-2009-0793).
This update provides fixes for these issues.
_______________________________________________________________________
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.1:
9a7580fe81323030908640bc50ad5627 2008.1/i586/lcms-1.18-0.1mdv2008.1.i586.rpm
a610fd40ca8dfa5a61dbc5aa0273a8ee 2008.1/i586/liblcms1-1.18-0.1mdv2008.1.i586.rpm
8dc0e54d1fe702960377a30485bda276 2008.1/i586/liblcms-devel-1.18-0.1mdv2008.1.i586.rpm
cee6b7b46b9264786e5f400c3df20431 2008.1/i586/python-lcms-1.18-0.1mdv2008.1.i586.rpm
fffadc37bb922b529603b92db03a60f8 2008.1/SRPMS/lcms-1.18-0.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
905dda903e8d3bd75473da0e70f71fce 2008.1/x86_64/lcms-1.18-0.1mdv2008.1.x86_64.rpm
a19547982d852c7573d19af613572146 2008.1/x86_64/lib64lcms1-1.18-0.1mdv2008.1.x86_64.rpm
6b7b47196c922b9ce86378bb7b5eb61d 2008.1/x86_64/lib64lcms-devel-1.18-0.1mdv2008.1.x86_64.rpm
bef4303cf6b191434321d5b9cfd5d9c4 2008.1/x86_64/python-lcms-1.18-0.1mdv2008.1.x86_64.rpm
fffadc37bb922b529603b92db03a60f8 2008.1/SRPMS/lcms-1.18-0.1mdv2008.1.src.rpm
Mandriva Linux 2009.0:
f5bf2caf081de92c5799da37e83f39d0 2009.0/i586/lcms-1.18-0.1mdv2009.0.i586.rpm
85f6bbbbefbec9d3490a4c3fbdf9c231 2009.0/i586/liblcms1-1.18-0.1mdv2009.0.i586.rpm
5bcd989e9fedc7ee8c526cfd3d00fd65 2009.0/i586/liblcms-devel-1.18-0.1mdv2009.0.i586.rpm
6caf8993f41da57e0e158aa554354ccf 2009.0/i586/python-lcms-1.18-0.1mdv2009.0.i586.rpm
2c0d76ae5dfc1a23187c29f9fd273095 2009.0/SRPMS/lcms-1.18-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
dd6a45fc122f1ef0011a8359d932227b 2009.0/x86_64/lcms-1.18-0.1mdv2009.0.x86_64.rpm
de681b3655fef3bfcf9856280053b50d 2009.0/x86_64/lib64lcms1-1.18-0.1mdv2009.0.x86_64.rpm
a91bcf179c1131d0fe60a9d73bdad9ac 2009.0/x86_64/lib64lcms-devel-1.18-0.1mdv2009.0.x86_64.rpm
4260c271642bc12a5f79ab5a3220f5f3 2009.0/x86_64/python-lcms-1.18-0.1mdv2009.0.x86_64.rpm
2c0d76ae5dfc1a23187c29f9fd273095 2009.0/SRPMS/lcms-1.18-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.1:
a02457ee1cc925a81fc0a77ac9b98c24 2009.1/i586/lcms-1.18-1.1mdv2009.1.i586.rpm
d6c2717a575aeb525648263e95625c2f 2009.1/i586/liblcms1-1.18-1.1mdv2009.1.i586.rpm
8e087ea8d40a2aa6e8d9dfa2dd0950c1 2009.1/i586/liblcms-devel-1.18-1.1mdv2009.1.i586.rpm
98f26f39aa5640e222466cdcf6ed24f6 2009.1/i586/python-lcms-1.18-1.1mdv2009.1.i586.rpm
32b9e76718ef78efbbe7a597fd4bdb06 2009.1/SRPMS/lcms-1.18-1.1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
b4aace6b015870306b4c1c8d2adcefe2 2009.1/x86_64/lcms-1.18-1.1mdv2009.1.x86_64.rpm
f05c6dab9d818b0602efa75a929a171a 2009.1/x86_64/lib64lcms1-1.18-1.1mdv2009.1.x86_64.rpm
4d1a1e554c33d73173bc5930fc1a92f6 2009.1/x86_64/lib64lcms-devel-1.18-1.1mdv2009.1.x86_64.rpm
194fc36923e4914fb27c40af8dc80c7a 2009.1/x86_64/python-lcms-1.18-1.1mdv2009.1.x86_64.rpm
32b9e76718ef78efbbe7a597fd4bdb06 2009.1/SRPMS/lcms-1.18-1.1mdv2009.1.src.rpm
Corporate 3.0:
1ace45d4de049e1d52a91c5fe84e17b5 corporate/3.0/i586/liblcms1-1.10-1.2.C30mdk.i586.rpm
b59d77bd5a8ed230a2a2bc6bfbfeaa8c corporate/3.0/i586/liblcms1-devel-1.10-1.2.C30mdk.i586.rpm
ee53e5c9feee02e5289561db727858e7 corporate/3.0/SRPMS/liblcms-1.10-1.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
32db1a46a9820ed9661ac8827e57e8c6 corporate/3.0/x86_64/lib64lcms1-1.10-1.2.C30mdk.x86_64.rpm
746aa607bad4b1905a74d002118bdf56 corporate/3.0/x86_64/lib64lcms1-devel-1.10-1.2.C30mdk.x86_64.rpm
ee53e5c9feee02e5289561db727858e7 corporate/3.0/SRPMS/liblcms-1.10-1.2.C30mdk.src.rpm
Corporate 4.0:
24361175b29470601a26390c8fa3080d corporate/4.0/i586/liblcms1-1.14-1.2.20060mlcs4.i586.rpm
2caf72d253d56cf51cebfcaba3560eee corporate/4.0/i586/liblcms1-devel-1.14-1.2.20060mlcs4.i586.rpm
a40dbfb4e5a44e09f101e9e6f8d62c17 corporate/4.0/SRPMS/liblcms-1.14-1.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
642ce065be2e8f7a2dd78c1bf9f01652 corporate/4.0/x86_64/lib64lcms1-1.14-1.2.20060mlcs4.x86_64.rpm
013930f39a842e899e93ca570a06f339 corporate/4.0/x86_64/lib64lcms1-devel-1.14-1.2.20060mlcs4.x86_64.rpm
a40dbfb4e5a44e09f101e9e6f8d62c17 corporate/4.0/SRPMS/liblcms-1.14-1.2.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
https://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKFZjvmqjQ0CJFipgRAkeFAJ9ykO79nVFB8pNFu6GP5pHU2+pq4gCgunzs
+XW2vViKxpqHnmeM+tTFN4s=
=wTDp
-----END PGP SIGNATURE-----