=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN010
_____________________________________________________________________

DATE                      : 07/01/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems using imlib2.

======================================================================

- --------------------------------------------------------------------------
Debian Security Advisory DSA 628-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 6th, 2005                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : imlib2
Vulnerability  : integer overflows
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-1026

Pavel Kankovsky discovered that several overflows found in the libXpm
library were also present in imlib and imlib2, imaging libraries for
X11.  An attacker could create a carefully crafted image file in such
a way that it could cause an application linked with imlib or imlib2
to execute arbitrary code when the file was opened by a victim.  The
Common Vulnerabilities and Exposures project identifies the following
problems:

CAN-2004-1025

     Multiple heap-based buffer overflows.  No such code is present in
     imlib2.

CAN-2004-1026

     Multiple integer overflows in the imlib library.

For the stable distribution (woody) these problems have been fixed in
version 1.0.5-2woody2.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your imlib2 packages.


Upgrade Instructions
- --------------------

wget url
         will fetch the file for you
dpkg -i file.deb
         will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
         will update the internal database
apt-get upgrade
         will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

   Source archives:

     http://security.debian.org/pool/updates/main/i/imlib2/imlib2_1.0.5-2woody2.dsc
       Size/MD5 checksum:      733 6f6e8508b5b630a86f9efcfecde7def4
     http://security.debian.org/pool/updates/main/i/imlib2/imlib2_1.0.5-2woody2.diff.gz
       Size/MD5 checksum:    24428 a564f25fde0c5b0cabcc09d5b5159535
     http://security.debian.org/pool/updates/main/i/imlib2/imlib2_1.0.5.orig.tar.gz
       Size/MD5 checksum:   688261 3b1a80c95ff2a4cfb3bce49e27d94461

   Alpha architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_alpha.deb
       Size/MD5 checksum:   191216 5fb5991f4fb1239e5f1cd0c1a7d969bf
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_alpha.deb
       Size/MD5 checksum:   483026 cdf1447ba093954a4d99bec1d04aecb9

   ARM architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_arm.deb
       Size/MD5 checksum:   165194 2c7d609e7f2777a118be441b7379ec49
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_arm.deb
       Size/MD5 checksum:   440948 601854f35385592e7c3daeda7c6e946b

   Intel IA-32 architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_i386.deb
       Size/MD5 checksum:   149446 51b598088378311845699e97e480f88d
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_i386.deb
       Size/MD5 checksum:   403528 ffbb69fee4cf35317c63813e86153173

   Intel IA-64 architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_ia64.deb
       Size/MD5 checksum:   246832 aefd120663f3d66136a295fb2834ebc4
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_ia64.deb
       Size/MD5 checksum:   508434 06f35a685680b023cd403c35b7ae423f

   HP Precision architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_hppa.deb
       Size/MD5 checksum:   193598 f5d1aa5591f46bf7cc0a4991ebf17b57
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_hppa.deb
       Size/MD5 checksum:   467452 1692700274cf6db934c3e8eada86e0ca

   Motorola 680x0 architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_m68k.deb
       Size/MD5 checksum:   149362 b7b490352539282cb496fe0033f1510c
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_m68k.deb
       Size/MD5 checksum:   402692 2d2848f5df47b51e6731e63d2e3f4a61

   Big endian MIPS architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_mips.deb
       Size/MD5 checksum:   158132 8fa35f404b87dc55a85b9f864c60dd3b
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_mips.deb
       Size/MD5 checksum:   447340 d7260c65edee790294ca5abe78ed8ea9

   Little endian MIPS architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_mipsel.deb
       Size/MD5 checksum:   157308 ca665733cf4f1bba438d4e8c1dc2b2d3
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_mipsel.deb
       Size/MD5 checksum:   439724 910d1d3f6d92c33229046a07780e52d1

   PowerPC architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_powerpc.deb
       Size/MD5 checksum:   168694 cd8efd37e1b4c99790676b7859f7d655
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_powerpc.deb
       Size/MD5 checksum:   443648 f0cd41775ea1e80875e4109662408e52

   IBM S/390 architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_s390.deb
       Size/MD5 checksum:   169030 8200d4599577df133a9a944786e958e7
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_s390.deb
       Size/MD5 checksum:   421472 f7fc3deb38b061fb5e6bd1f448dea617

   Sun Sparc architecture:

     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2_1.0.5-2woody2_sparc.deb
       Size/MD5 checksum:   166290 96777c27912c44e1ca40089cca0a5453
     http://security.debian.org/pool/updates/main/i/imlib2/libimlib2-dev_1.0.5-2woody2_sparc.deb
       Size/MD5 checksum:   434848 edc14a5c15cab67eaa1b7cf50ae28450


   These files will probably be moved into the stable distribution on
   its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================