Mandriva Linux Security Advisory - Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
d620117ee726daa326b908438ceae7d147c52d5b3b6522e956f50670d7e53b3b
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:035
http://www.mandriva.com/security/
_______________________________________________________________________
Package : gd
Date : February 6, 2007
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font.
Packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2006.0:
bb5df1fd9874cb4538bd24ba722849c3 2006.0/i586/gd-utils-2.0.33-3.2.20060mdk.i586.rpm
311dbbc55d0d4d80d47305b397dccdfa 2006.0/i586/libgd2-2.0.33-3.2.20060mdk.i586.rpm
6d9f985a8266df26f4642dd985afd3c8 2006.0/i586/libgd2-devel-2.0.33-3.2.20060mdk.i586.rpm
cb18cfd4467243366179b50f60877683 2006.0/i586/libgd2-static-devel-2.0.33-3.2.20060mdk.i586.rpm
f4ed9e9a93903a69682da9f898127575 2006.0/SRPMS/gd-2.0.33-3.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
ffe7cb2190e4d347f82b477b4b90617f 2006.0/x86_64/gd-utils-2.0.33-3.2.20060mdk.x86_64.rpm
92e96a8d5004b396aab5acc4cc853d8e 2006.0/x86_64/lib64gd2-2.0.33-3.2.20060mdk.x86_64.rpm
6a7247cbd5dfd03e51181711404f8dc5 2006.0/x86_64/lib64gd2-devel-2.0.33-3.2.20060mdk.x86_64.rpm
cedc398df2eae9a72c4c967b421ceb32 2006.0/x86_64/lib64gd2-static-devel-2.0.33-3.2.20060mdk.x86_64.rpm
f4ed9e9a93903a69682da9f898127575 2006.0/SRPMS/gd-2.0.33-3.2.20060mdk.src.rpm
Mandriva Linux 2007.0:
efddec174f28af4832a9fb488292a9ab 2007.0/i586/gd-utils-2.0.33-5.1mdv2007.0.i586.rpm
4f97206e59ac7f365c458a825a0548f6 2007.0/i586/libgd2-2.0.33-5.1mdv2007.0.i586.rpm
466025b4339876efbfee2a7466a46fa2 2007.0/i586/libgd2-devel-2.0.33-5.1mdv2007.0.i586.rpm
8a662acf86e0dc6ef7ef6207f8e1ec5d 2007.0/i586/libgd2-static-devel-2.0.33-5.1mdv2007.0.i586.rpm
c9690844ec1145ed47053e1194fe9dc3 2007.0/SRPMS/gd-2.0.33-5.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
0442cd89cc1fc63d34afc1d7e05576fa 2007.0/x86_64/gd-utils-2.0.33-5.1mdv2007.0.x86_64.rpm
10cdbd6617bfef0029cafdc7a9650761 2007.0/x86_64/lib64gd2-2.0.33-5.1mdv2007.0.x86_64.rpm
3d02da82cf6e5a9885126709b0318c1a 2007.0/x86_64/lib64gd2-devel-2.0.33-5.1mdv2007.0.x86_64.rpm
b696d03707bee9f0c107e88de26f0bf5 2007.0/x86_64/lib64gd2-static-devel-2.0.33-5.1mdv2007.0.x86_64.rpm
c9690844ec1145ed47053e1194fe9dc3 2007.0/SRPMS/gd-2.0.33-5.1mdv2007.0.src.rpm
Corporate 3.0:
47ba42ab82d3d625626a00c65e79effc corporate/3.0/i586/gd-utils-2.0.15-4.3.C30mdk.i586.rpm
02256e730c508cff7acee1204f761512 corporate/3.0/i586/libgd2-2.0.15-4.3.C30mdk.i586.rpm
082545ff3f1596c9ae30d5842442f29e corporate/3.0/i586/libgd2-devel-2.0.15-4.3.C30mdk.i586.rpm
371c86bd9b0eecc7331dfbf72cd0ddd5 corporate/3.0/i586/libgd2-static-devel-2.0.15-4.3.C30mdk.i586.rpm
50b89a63317d23b8712efea59d6fd121 corporate/3.0/SRPMS/gd-2.0.15-4.3.C30mdk.src.rpm
Corporate 3.0/X86_64:
9786831c164719c081bf7d56c276a157 corporate/3.0/x86_64/gd-utils-2.0.15-4.3.C30mdk.x86_64.rpm
141d9ff878b727046f2484e931f662f7 corporate/3.0/x86_64/lib64gd2-2.0.15-4.3.C30mdk.x86_64.rpm
84823810c9c592e0505862cc5882b131 corporate/3.0/x86_64/lib64gd2-devel-2.0.15-4.3.C30mdk.x86_64.rpm
c53cef0bf475c4eeeb59bf4e5c4a11aa corporate/3.0/x86_64/lib64gd2-static-devel-2.0.15-4.3.C30mdk.x86_64.rpm
50b89a63317d23b8712efea59d6fd121 corporate/3.0/SRPMS/gd-2.0.15-4.3.C30mdk.src.rpm
Corporate 4.0:
58ca4f9b316790c648400059a73e53cd corporate/4.0/i586/gd-utils-2.0.33-3.2.20060mlcs4.i586.rpm
57f262fc41dc138a2b01b513e7a6977d corporate/4.0/i586/libgd2-2.0.33-3.2.20060mlcs4.i586.rpm
dfeb2d6e537bcd39e8c4f4dc3cc97782 corporate/4.0/i586/libgd2-devel-2.0.33-3.2.20060mlcs4.i586.rpm
fdd201797572fc130767b6dfa3aaefa5 corporate/4.0/i586/libgd2-static-devel-2.0.33-3.2.20060mlcs4.i586.rpm
91e6169527be92d0a4e1ef4a62bc4dd4 corporate/4.0/SRPMS/gd-2.0.33-3.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
572ae62589b39a2bf9d4dd5b7c34e827 corporate/4.0/x86_64/gd-utils-2.0.33-3.2.20060mlcs4.x86_64.rpm
ca43f6e9a811f49cf442b73c845c8d64 corporate/4.0/x86_64/lib64gd2-2.0.33-3.2.20060mlcs4.x86_64.rpm
8111cbbe7d7fc966fdb8f3c310cf6653 corporate/4.0/x86_64/lib64gd2-devel-2.0.33-3.2.20060mlcs4.x86_64.rpm
32e355162f4e68f339cf98f1c1baf53d corporate/4.0/x86_64/lib64gd2-static-devel-2.0.33-3.2.20060mlcs4.x86_64.rpm
91e6169527be92d0a4e1ef4a62bc4dd4 corporate/4.0/SRPMS/gd-2.0.33-3.2.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFyQqQmqjQ0CJFipgRAmTqAJwLo4zpBARIxrZiunUFgJWWNL7FtQCfRN9l
bQHDQmz0CouN+6lXAiT8L/E=
=m5wx
-----END PGP SIGNATURE-----