exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2010-133

Mandriva Linux Security Advisory 2010-133
Posted Jul 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-133 - Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

tags | advisory, remote, denial of service, overflow, arbitrary, memory leak
systems | linux, mandriva
advisories | CVE-2008-6218, CVE-2010-1205, CVE-2010-2249
SHA-256 | 9dbcdb392f0269d231a9304f120b56317d9400add78640b2d61a8c8ee985f7fc

Mandriva Linux Security Advisory 2010-133

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:133
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libpng
Date : July 15, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in libpng:

Memory leak in the png_handle_tEXt function in pngrutil.c in libpng
before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers
to cause a denial of service (memory exhaustion) via a crafted PNG file
(CVE-2008-6218.

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x
before 1.4.3, as used in progressive applications, might allow remote
attackers to execute arbitrary code via a PNG image that triggers an
additional data row (CVE-2010-1205).

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before
1.4.3, allows remote attackers to cause a denial of service (memory
consumption and application crash) via a PNG image containing malformed
Physical Scale (aka sCAL) chunks (CVE-2010-2249).

As a precaution htmldoc has been rebuilt to link against the
system libpng library for CS4 and 2008.0. Latest xulrunner and
mozilla-thunderbird has been patched as a precaution for 2008.0 wheres
on 2009.0 and up the the system libpng library is used instead of the
bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is
therefore also being provided with this advisory.

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm
71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm
75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm
fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm
d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm
6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm
546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm
b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm
b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm
3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm
901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm
ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm
d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm
885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm
358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm
748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm
15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm
c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm
fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm
141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm
a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm
3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm
084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm
c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm
996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm
ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm
394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm
d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm
885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm
358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm
748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm

Mandriva Linux 2009.0:
28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm
bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm
e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm
921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm
c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm
df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm
3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm
740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm
c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm

Mandriva Linux 2009.1:
127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm
3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm
2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm
5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm
6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm
4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm
fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm
0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm
6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm

Mandriva Linux 2010.0:
76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm
7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm
abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm
bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm
cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm
166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm
1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm
88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm
cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.1:
349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm
d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm
3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm
2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm
0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm

Mandriva Linux 2010.1/X86_64:
80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm
2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm
5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm
06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm
0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm

Corporate 4.0:
be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm
71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm
1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm
e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm
288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm
3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm
b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm
79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm
e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm
e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm
609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm
3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm
b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm
92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm
c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm
2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm
488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm
6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm
c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm
cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm
488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX
KlOM1C8b0XVNVFF83vXPz9A=
=E10C
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close