Bulletin d'alerte Debian
DSA-1116-1 gimp -- Dépassement de tampon
- Date du rapport :
- 21 juillet 2006
- Paquets concernés :
- gimp
- Vulnérabilité :
- Oui
- Références dans la base de données de sécurité :
- Dans le dictionnaire CVE du Mitre : CVE-2006-3404.
- Plus de précisions :
-
Henning Makholm a découvert un dépassement de tampon dans le code de chargement des fichiers XCF dans Gimp, un programme de retouche et de création d'images. L'ouverture d'un fichier XCF spécialement conçu pouvait provoquer l'exécution de code arbitraire par l'application.
Pour l'actuelle distribution stable (Sarge), ce problème a été corrigé dans la version 2.2.6-1sarge1.
Pour la distribution instable (Sid), ce problème a été corrigé dans la version 2.2.11-3.1.
Nous vous recommandons de mettre à jour vos paquets gimp.
- Corrigé dans :
-
Debian GNU/Linux 3.1 alias sarge
- Source :
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1.dsc
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1.diff.gz
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6.orig.tar.gz
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1.diff.gz
- Composant indépendant de l'architecture :
- http://security.debian.org/pool/updates/main/g/gimp/gimp-data_2.2.6-1sarge1_all.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp1.2_2.2.6-1sarge1_all.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-doc_2.2.6-1sarge1_all.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp1.2_2.2.6-1sarge1_all.deb
- Alpha architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_alpha.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_alpha.deb
- AMD64 architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_amd64.deb
- ARM architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_arm.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_arm.deb
- Intel IA-32 architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_i386.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_i386.deb
- Intel IA-64 architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_ia64.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_ia64.deb
- HP Precision architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_hppa.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_hppa.deb
- Motorola 680x0 architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_m68k.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_m68k.deb
- Big endian MIPS architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_mips.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mips.deb
- Little endian MIPS architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_mipsel.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_mipsel.deb
- PowerPC architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_powerpc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_powerpc.deb
- IBM S/390 architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_s390.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_s390.deb
- Sun Sparc architecture:
- http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge1_sparc.deb
- http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge1_sparc.deb
Les sommes MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.