exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 993-1

Ubuntu Security Notice 993-1
Posted Sep 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 993-1 - Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-1526
SHA-256 | c4ae7b6d120a2fbdc569c8dca350258ea492f3219cf688339d9dbe690dab4933

Ubuntu Security Notice 993-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-993-1 September 29, 2010
libgdiplus vulnerability
CVE-2010-1526
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
libgdiplus 1.2.6-2ubuntu2.1

Ubuntu 9.04:
libgdiplus 2.0-1ubuntu0.1

Ubuntu 9.10:
libgdiplus 2.4.2-1ubuntu0.9.10.1

Ubuntu 10.04 LTS:
libgdiplus 2.4.2-1ubuntu0.10.04.1

In general, a standard system update will make all the necessary changes.

Details follow:

Stefan Cornelius discovered that libgdiplus incorrectly handled certain
image files. If a user or automated system were tricked into opening a
crafted image file, an attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program.


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1.diff.gz
Size/MD5: 7287 cc029366586479d0c51038149ff2fef1
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1.dsc
Size/MD5: 1142 525119345c89ce1aaccb16b24fd91831
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6.orig.tar.gz
Size/MD5: 3551556 e03b3e969df4196f808ebdde1d666e82

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_amd64.deb
Size/MD5: 167396 331e79c0cd73d48a07f745657e3e364e

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_i386.deb
Size/MD5: 154448 fbdc60e8448a7abf2b12cb8d6f0eab1c

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_lpia.deb
Size/MD5: 153500 273b16987dc4ee45e1d2c6bae39982a2

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_powerpc.deb
Size/MD5: 173450 fbe0c586e23ad4a988882178b27f3825

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_sparc.deb
Size/MD5: 156770 4b98253f89ebbbf0a7478e8fad3a2083

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1.diff.gz
Size/MD5: 7676 89b360d221fb655ac86d377af02a20f0
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1.dsc
Size/MD5: 1681 d3ff98014d1fb3041ddfe0853ff09cd0
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0.orig.tar.gz
Size/MD5: 2786887 f5ea8f021b9e87cf926d1b4e623d6bc1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_amd64.deb
Size/MD5: 169818 08bfdcd4476ff1cc088b03c83f44e0c9

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_i386.deb
Size/MD5: 157670 b3302e5ddc18cda33af96e1217445449

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_lpia.deb
Size/MD5: 156656 a5d5efe5caa1899b2e9f5c6e44acecb0

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_powerpc.deb
Size/MD5: 174114 cf00cedeccb571c71f4cf6e68e2e6951

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_sparc.deb
Size/MD5: 159258 e0df71f8f816ac4d2f5554875b2351a1

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1.diff.gz
Size/MD5: 8126 a602436c2d313f7983dd6ae2172032bf
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1.dsc
Size/MD5: 1715 061d427b1e8944da9f1446b11712b2be
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2.orig.tar.gz
Size/MD5: 2758522 df6e3e66120d4823dcfcc1adf48049b7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_amd64.deb
Size/MD5: 172004 8dcdd7791fc1685a4f941f8ddddddaf8

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_i386.deb
Size/MD5: 160368 64089d93ddcefe00298b50663cc53988

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_lpia.deb
Size/MD5: 158218 718036e87f6b7e56dd04d613db6047b9

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_powerpc.deb
Size/MD5: 176628 9544fbc10b2b3afe3544b5bfad99a8b6

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_sparc.deb
Size/MD5: 161922 4eb11d2dc35940cb38fcad795d0099ed

Updated packages for Ubuntu 10.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1.diff.gz
Size/MD5: 8230 fb9c71aad07ece4ffedec38ab9f2a85a
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1.dsc
Size/MD5: 1719 e188026b838510778441fd9295832f7e
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2.orig.tar.gz
Size/MD5: 2758522 df6e3e66120d4823dcfcc1adf48049b7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_amd64.deb
Size/MD5: 172136 31b602ac108994ae9d09cf1d9a34c043

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_i386.deb
Size/MD5: 160432 11439652c3f0774fc73b911f4383e786

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_powerpc.deb
Size/MD5: 176390 406a037cc563d2a7c4cd143b8b0e67e3

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_sparc.deb
Size/MD5: 167206 cd2d838608cd8c22aa4ff6c7cdaed01c



Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close