Alerta de Segurança Debian
DSA-602-1 libgd2 -- estouro de inteiro
- Data do Alerta:
- 29 Nov 2004
- Pacotes Afetados:
- libgd2
- Vulnerável:
- Sim
- Referência à base de dados de segurança:
- No dicionário CVE do Mitre: CVE-2004-0941, CVE-2004-0990.
- Informações adicionais:
-
Mais estouros de inteiro em potencial que não foram cobertos em nosso alerta de segurança DSA 591 foram encontrados na biblioteca gráfica GD. Eles podem ser explotados por um gráfico criado especialmente com este fim, levando à execução de código arbitrário no computador da vítima.
Para a distribuição estável (woody), estes problemas foram corrigidos na versão 2.0.1-10woody2.
Para a distribuição instável (sid), estes problemas serão corrigidos em breve.
Nós recomendamos que você atualize seus pacotes libgd2.
- Corrigido em:
-
Debian GNU/Linux 3.0 (woody)
- Fonte:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2.dsc
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2.diff.gz
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1.orig.tar.gz
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_alpha.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_alpha.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_alpha.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_alpha.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_arm.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_arm.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_arm.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_arm.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_i386.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_i386.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_i386.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_i386.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_ia64.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_ia64.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_ia64.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_ia64.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_hppa.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_hppa.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_hppa.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_hppa.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_m68k.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_m68k.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_m68k.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_m68k.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_mips.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mips.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_mips.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_mips.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_mipsel.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mipsel.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_mipsel.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_mipsel.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_powerpc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_powerpc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_powerpc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_powerpc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_s390.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_s390.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_s390.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_s390.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd-tools_2.0.1-10woody2_sparc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_sparc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-dev_2.0.1-10woody2_sparc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2-noxpm_2.0.1-10woody2_sparc.deb
- http://security.debian.org/pool/updates/main/libg/libgd2/libgd2_2.0.1-10woody2_sparc.deb
Checksums MD5 dos arquivos listados estão disponíveis no alerta original.