Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1045
2005-11-03
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : libungif
Version     : 4.1.3
Release     : 1.fc3.2
Summary     : A library for manipulating GIF format image files.
Description :
The libungif package contains a shared library of functions for
loading and saving GIF format image files.  The libungif library can
load any GIF file, but it will save GIFs only in uncompressed format
(i.e., it won't use the patented LZW compression used to save "normal"
compressed GIF files).

Install the libungif package if you need to manipulate GIF files.  You
should also install the libungif-progs package.

---------------------------------------------------------------------
Update Information:

The libungif package contains a shared library of functions
for loading and saving GIF format image files. The libungif
library can load any GIF file, but it will save GIFs only in
uncompressed format; it will not use the patented LZW
compression used to save "normal" compressed GIF files.

A bug was found in the way libungif handles colormaps. An
attacker could create a GIF file in such a way that could
cause out-of-bounds writes and register corruptions. The
Common Vulnerabilities and Exposures project assigned the
name CAN-2005-2974 to this issue.

All users of libungif should upgrade to the updated
packages, which contain a backported patch to resolve this
issue.
---------------------------------------------------------------------
* Fri Oct 21 2005 Matthias Clasen <mclasen@redhat.com> 4.1.3-1.fc3.2
- Fix several register corruptions and an out-of-bounds write.

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

59b249a82af75aac014f5f59feb9cc90  SRPMS/libungif-4.1.3-1.fc3.2.src.rpm
957e1e48dea2fd1c00002300383ea0ff  x86_64/libungif-4.1.3-1.fc3.2.x86_64.rpm
22e85959823663ab61a3051c647ee4db  x86_64/libungif-devel-4.1.3-1.fc3.2.x86_64.rpm
294a1239db36f6ed2a19d81ce231cccf  x86_64/libungif-progs-4.1.3-1.fc3.2.x86_64.rpm
52e4a7e9202399f70a70c9acd8f91ebf  x86_64/debug/libungif-debuginfo-4.1.3-1.fc3.2.x86_64.rpm
fb89bd175856a46addbba3ccdd425311  x86_64/libungif-4.1.3-1.fc3.2.i386.rpm
fb89bd175856a46addbba3ccdd425311  i386/libungif-4.1.3-1.fc3.2.i386.rpm
ca85f8bee06885cc740ac3525892059b  i386/libungif-devel-4.1.3-1.fc3.2.i386.rpm
afae5a45ffcaa93b91f4b360abe30c93  i386/libungif-progs-4.1.3-1.fc3.2.i386.rpm
0ab5bdd2c1c837c0a3e78f5465c3edb5  i386/debug/libungif-debuginfo-4.1.3-1.fc3.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list