what you don't know can hurt you

Ubuntu Security Notice 993-1

Ubuntu Security Notice 993-1
Posted Sep 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 993-1 - Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-1526
MD5 | 5babb10102571117914f4449731ea3c7

Ubuntu Security Notice 993-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-993-1 September 29, 2010
libgdiplus vulnerability
CVE-2010-1526
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
libgdiplus 1.2.6-2ubuntu2.1

Ubuntu 9.04:
libgdiplus 2.0-1ubuntu0.1

Ubuntu 9.10:
libgdiplus 2.4.2-1ubuntu0.9.10.1

Ubuntu 10.04 LTS:
libgdiplus 2.4.2-1ubuntu0.10.04.1

In general, a standard system update will make all the necessary changes.

Details follow:

Stefan Cornelius discovered that libgdiplus incorrectly handled certain
image files. If a user or automated system were tricked into opening a
crafted image file, an attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program.


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1.diff.gz
Size/MD5: 7287 cc029366586479d0c51038149ff2fef1
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1.dsc
Size/MD5: 1142 525119345c89ce1aaccb16b24fd91831
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6.orig.tar.gz
Size/MD5: 3551556 e03b3e969df4196f808ebdde1d666e82

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_amd64.deb
Size/MD5: 167396 331e79c0cd73d48a07f745657e3e364e

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_i386.deb
Size/MD5: 154448 fbdc60e8448a7abf2b12cb8d6f0eab1c

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_lpia.deb
Size/MD5: 153500 273b16987dc4ee45e1d2c6bae39982a2

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_powerpc.deb
Size/MD5: 173450 fbe0c586e23ad4a988882178b27f3825

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_1.2.6-2ubuntu2.1_sparc.deb
Size/MD5: 156770 4b98253f89ebbbf0a7478e8fad3a2083

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1.diff.gz
Size/MD5: 7676 89b360d221fb655ac86d377af02a20f0
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1.dsc
Size/MD5: 1681 d3ff98014d1fb3041ddfe0853ff09cd0
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0.orig.tar.gz
Size/MD5: 2786887 f5ea8f021b9e87cf926d1b4e623d6bc1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_amd64.deb
Size/MD5: 169818 08bfdcd4476ff1cc088b03c83f44e0c9

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_i386.deb
Size/MD5: 157670 b3302e5ddc18cda33af96e1217445449

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_lpia.deb
Size/MD5: 156656 a5d5efe5caa1899b2e9f5c6e44acecb0

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_powerpc.deb
Size/MD5: 174114 cf00cedeccb571c71f4cf6e68e2e6951

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.0-1ubuntu0.1_sparc.deb
Size/MD5: 159258 e0df71f8f816ac4d2f5554875b2351a1

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1.diff.gz
Size/MD5: 8126 a602436c2d313f7983dd6ae2172032bf
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1.dsc
Size/MD5: 1715 061d427b1e8944da9f1446b11712b2be
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2.orig.tar.gz
Size/MD5: 2758522 df6e3e66120d4823dcfcc1adf48049b7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_amd64.deb
Size/MD5: 172004 8dcdd7791fc1685a4f941f8ddddddaf8

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_i386.deb
Size/MD5: 160368 64089d93ddcefe00298b50663cc53988

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_lpia.deb
Size/MD5: 158218 718036e87f6b7e56dd04d613db6047b9

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_powerpc.deb
Size/MD5: 176628 9544fbc10b2b3afe3544b5bfad99a8b6

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.9.10.1_sparc.deb
Size/MD5: 161922 4eb11d2dc35940cb38fcad795d0099ed

Updated packages for Ubuntu 10.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1.diff.gz
Size/MD5: 8230 fb9c71aad07ece4ffedec38ab9f2a85a
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1.dsc
Size/MD5: 1719 e188026b838510778441fd9295832f7e
http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2.orig.tar.gz
Size/MD5: 2758522 df6e3e66120d4823dcfcc1adf48049b7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_amd64.deb
Size/MD5: 172136 31b602ac108994ae9d09cf1d9a34c043

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_i386.deb
Size/MD5: 160432 11439652c3f0774fc73b911f4383e786

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_powerpc.deb
Size/MD5: 176390 406a037cc563d2a7c4cd143b8b0e67e3

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libg/libgdiplus/libgdiplus_2.4.2-1ubuntu0.10.04.1_sparc.deb
Size/MD5: 167206 cd2d838608cd8c22aa4ff6c7cdaed01c



Login or Register to add favorites

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close