From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1750-1
[email protected] http://www.debian.org/security/ Florian Weimer
March 22, 2009
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libpng
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2007-2445 CVE-2007-5269 CVE-2008-1382 CVE-2008-5907 CVE-2008-6218 CVE-2009-0040
Debian Bug : 446308 476669 516256 512665
Several vulnerabilities have been discovered in libpng, a library for
reading and writing PNG files. The Common Vulnerabilities and
Exposures project identifies the following problems:
The png_handle_tRNS function allows attackers to cause a denial of
service (application crash) via a grayscale PNG image with a bad tRNS
chunk CRC value. (CVE-2007-2445)
Certain chunk handlers allow attackers to cause a denial of service
(crash) via crafted pCAL, sCAL, tEXt, iTXt, and ztXT chunking in PNG
images, which trigger out-of-bounds read operations. (CVE-2007-5269)
libpng allows context-dependent attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a PNG file with zero
length "unknown" chunks, which trigger an access of uninitialized
memory. (CVE-2008-1382)
The png_check_keyword might allow context-dependent attackers to set the
value of an arbitrary memory location to zero via vectors involving
creation of crafted PNG files with keywords. (CVE-2008-5907)
A memory leak in the png_handle_tEXt function allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted
PNG file. (CVE-2008-6218)
libpng allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG
file that triggers a free of an uninitialized pointer in (1) the
png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit
gamma tables. (CVE-2009-0040)
For the old stable distribution (etch), these problems have been fixed
in version1.2.15~beta5-1+etch2.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.27-2+lenny2. (Only CVE-2008-5907, CVE-2008-5907 and
CVE-2009-0040 affect the stable distribution.)
For the unstable distribution (sid), these problems have been fixed in
version 1.2.35-1.
We recommend that you upgrade your libpng packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5 checksum: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.diff.gz
Size/MD5 checksum: 18622 e1e1b7d74b9af5861bdcfc50154d2b4c
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.dsc
Size/MD5 checksum: 1033 a0668aeec893b093e1f8f68316a04041
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.15~beta5-1+etch2_all.deb
Size/MD5 checksum: 882 eb0e501247bd91837c090cf3353e07c6
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb
Size/MD5 checksum: 214038 1dd9a6d646d8ae533fbabbb32e03149a
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb
Size/MD5 checksum: 204478 d04c5a2151ca4aa8b1fa6f1b3078e418
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb
Size/MD5 checksum: 85270 1fcfca5bfd47a2f6611074832273ac0b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb
Size/MD5 checksum: 188124 703758e444f77281b9104e20c358b521
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb
Size/MD5 checksum: 179186 d2596f942999be2acb79e77d12d99c2e
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb
Size/MD5 checksum: 69056 4bd8858ff3ef96c108d2f357e67c7b73
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb
Size/MD5 checksum: 63714 14bd7b3fa29b01ebc18b6611eea486d1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb
Size/MD5 checksum: 168764 54a349016bbdd6624fe8552bd951fee0
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_arm.deb
Size/MD5 checksum: 182720 79e501f9c79d31b0f9c8b5a4f16f6a2e
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb
Size/MD5 checksum: 74440 e240adb3f2b0f8ed35a3c2fe2dd35da1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb
Size/MD5 checksum: 187052 e5f7162d516fc3d8e953726d7fb5b6ae
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb
Size/MD5 checksum: 194360 83928ed4057deade50551874a6a85d27
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb
Size/MD5 checksum: 67656 66d9d533e26e4f74fbdd01bf55fa40b1
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_i386.deb
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)