[ GLSA 200503-05 ] xli, xloadimage: Multiple vulnerabilities

From: Thierry Carrez (koon_at_gentoo.org)
Date: 03/02/05

    Date: Wed, 02 Mar 2005 19:58:16 +0100
    To: gentoo-announce@lists.gentoo.org
    
    
    

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 200503-05
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      Severity: Normal
         Title: xli, xloadimage: Multiple vulnerabilities
          Date: March 02, 2005
          Bugs: #79762
            ID: 200503-05

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Synopsis
    ========

    xli and xloadimage are vulnerable to multiple issues, potentially
    leading to the execution of arbitrary code.

    Background
    ==========

    xli and xloadimage are X11 utilities for displaying and manipulating a
    wide range of image formats.

    Affected packages
    =================

        -------------------------------------------------------------------
         Package               /  Vulnerable  /                Unaffected
        -------------------------------------------------------------------
      1  media-gfx/xloadimage      < 4.1-r2                     >= 4.1-r2
      2  media-gfx/xli            < 1.17.0-r1                >= 1.17.0-r1
        -------------------------------------------------------------------
         2 affected packages on all of their supported architectures.
        -------------------------------------------------------------------

    Description
    ===========

    Tavis Ormandy of the Gentoo Linux Security Audit Team has reported that
    xli and xloadimage contain a flaw in the handling of compressed images,
    where shell meta-characters are not adequately escaped. Rob Holland of
    the Gentoo Linux Security Audit Team has reported that an xloadimage
    vulnerability in the handling of Faces Project images discovered by
    zen-parse in 2001 remained unpatched in xli. Additionally, it has been
    reported that insufficient validation of image properties in xli could
    potentially result in buffer management errors.

    Impact
    ======

    Successful exploitation would permit a remote attacker to execute
    arbitrary shell commands, or arbitrary code with the privileges of the
    xloadimage or xli user.

    Workaround
    ==========

    There is no known workaround at this time.

    Resolution
    ==========

    All xli users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=media-gfx/xli-1.17.0-r1"

    All xloadimage users should also upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=media-gfx/xloadimage-4.1-r2"

    References
    ==========

      [ 1 ] CAN-2001-0775
            http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

      http://security.gentoo.org/glsa/glsa-200503-05.xml

    Concerns?
    =========

    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users' machines is of utmost
    importance to us. Any security concerns should be addressed to
    security@gentoo.org or alternatively, you may file a bug at
    http://bugs.gentoo.org.

    License
    =======

    Copyright 2005 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.0
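
The Description above attributes the first issue to shell meta-characters in compressed-image handling not being escaped. The following is an added example, not code from xli, xloadimage or the advisory: it sketches the general mitigation of running a helper program with an argument vector instead of a shell command string. The function name `run_capture`, the `gzip -dc` command in the comment and the sample file name are assumptions made for illustration.

```c
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Risky pattern (the flaw class in the advisory):
 *   snprintf(cmd, sizeof cmd, "gzip -dc %s", path); popen(cmd, "r");
 * Here /bin/sh parses `path`. Hardened form below: run argv[0] with no
 * shell, capture up to outsz-1 bytes of stdout, and return the byte
 * count, or -1 on failure or a non-zero exit status. */
long run_capture(char *const argv[], char *out, size_t outsz)
{
    int fds[2], status;
    size_t used = 0;
    ssize_t n;
    pid_t pid;

    if (outsz == 0 || pipe(fds) < 0)
        return -1;
    if ((pid = fork()) < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                     /* child: stdout -> pipe */
        close(fds[0]);
        if (dup2(fds[1], STDOUT_FILENO) < 0)
            _exit(127);
        close(fds[1]);
        execvp(argv[0], argv);          /* each argv[i] stays one literal word */
        _exit(127);
    }
    close(fds[1]);
    while (used < outsz - 1 &&
           (n = read(fds[0], out + used, outsz - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) || WEXITSTATUS(status))
        return -1;
    return (long)used;
}

int main(void)
{
    /* Constructed name; `echo` stands in for the decompressor (assumed). */
    char name[] = "odd name; $HOME.gz", out[64];
    char *argv[] = { "echo", name, NULL };
    return run_capture(argv, out, sizeof out) == (long)strlen(name) + 1 ? 0 : 1;
}
```

Because no shell ever parses the file name, the `;` and `$HOME` in the constructed name come back as literal bytes; a real caller would pass `--` before the file name so a leading `-` is not read as an option.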

    
    


