Secunia Logo
 Vulnerability IntelligenceVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Debian update for imlib2
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Debian update for imlib2
Secunia Advisory: SA30727
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2008-06-16
Popularity: 1,706 views

Critical:
Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS:Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2008-2426
Description:
Debian has issued an update for imlib2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

For more information:
SA30401

Solution:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updat...ib2/imlib2_1.3.0.0debian1.orig.tar.gz
Size/MD5 checksum: 617750 7f389463afdb09310fa61e5036714bb3
http://security.debian.org/pool/updat...imlib2_1.3.0.0debian1-4+etch1.diff.gz
Size/MD5 checksum: 12944 dfaa8fc191ba424ddca3d30f22e937f2
http://security.debian.org/pool/updat...ib2/imlib2_1.3.0.0debian1-4+etch1.dsc
Size/MD5 checksum: 775 f4c69d4c2f3fb211dcc11efb3b21af41

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...lib2_1.3.0.0debian1-4+etch1_alpha.deb
Size/MD5 checksum: 240252 84ccb092527c92ab89d9ed512e245916
http://security.debian.org/pool/updat...-dev_1.3.0.0debian1-4+etch1_alpha.deb
Size/MD5 checksum: 437534 3e50828b24c37499731fab5381746431

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...lib2_1.3.0.0debian1-4+etch1_amd64.deb
Size/MD5 checksum: 212080 d5315c907b16282b8de22b9ea95d524f
http://security.debian.org/pool/updat...-dev_1.3.0.0debian1-4+etch1_amd64.deb
Size/MD5 checksum: 360298 eb9bf8871df21b7fd2b6eb85001a2bab

arm architecture (ARM)

http://security.debian.org/pool/updat...imlib2_1.3.0.0debian1-4+etch1_arm.deb
Size/MD5 checksum: 205102 56d84273f0c03b98af72a8dcb5a3f1b0
http://security.debian.org/pool/updat...b2-dev_1.3.0.0debian1-4+etch1_arm.deb
Size/MD5 checksum: 333920 9d3d50186a2cafae99ff83dc530b6a04

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...mlib2_1.3.0.0debian1-4+etch1_hppa.deb
Size/MD5 checksum: 227236 abbac82e10c70a8ee9487474fd5fd9a8
http://security.debian.org/pool/updat...2-dev_1.3.0.0debian1-4+etch1_hppa.deb
Size/MD5 checksum: 387436 d65cd087d8f8ef55409ce90bd7daa629

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...2-dev_1.3.0.0debian1-4+etch1_i386.deb
Size/MD5 checksum: 335480 a5d1e1785b4672b0a82f74faa3e5c540
http://security.debian.org/pool/updat...mlib2_1.3.0.0debian1-4+etch1_i386.deb
Size/MD5 checksum: 205822 ea69ea39af2b9d8eff8aa21ec7dc651d

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...2-dev_1.3.0.0debian1-4+etch1_ia64.deb
Size/MD5 checksum: 462716 d704daabf34495a424679cfaea41d07c
http://security.debian.org/pool/updat...mlib2_1.3.0.0debian1-4+etch1_ia64.deb
Size/MD5 checksum: 295084 2163e519dd163c538c336bae02cd13b1

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...mlib2_1.3.0.0debian1-4+etch1_mips.deb
Size/MD5 checksum: 207264 1e07b5e265a8a1b0f566da66a6ea835d
http://security.debian.org/pool/updat...2-dev_1.3.0.0debian1-4+etch1_mips.deb
Size/MD5 checksum: 370422 c9228c0b2473b4b1a0c1ac71e83c6038

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...ib2_1.3.0.0debian1-4+etch1_mipsel.deb
Size/MD5 checksum: 207918 60613fdbc42253238604de9c6014cdae
http://security.debian.org/pool/updat...dev_1.3.0.0debian1-4+etch1_mipsel.deb
Size/MD5 checksum: 369270 fb2a112b3d3aef2435e35b929a9409d6

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...ev_1.3.0.0debian1-4+etch1_powerpc.deb
Size/MD5 checksum: 359884 f80a6cf789bbd0dd9e343d14fbcd5681
http://security.debian.org/pool/updat...b2_1.3.0.0debian1-4+etch1_powerpc.deb
Size/MD5 checksum: 218898 e31109e44238606a23a503f7b4ce2c00

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...mlib2_1.3.0.0debian1-4+etch1_s390.deb
Size/MD5 checksum: 216166 bbea7d856ebdd4f5efb5d7c5f7f15eda
http://security.debian.org/pool/updat...2-dev_1.3.0.0debian1-4+etch1_s390.deb
Size/MD5 checksum: 368896 8188adbdd41762f0e7fe03389d0e96de

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updat...-dev_1.3.0.0debian1-4+etch1_sparc.deb
Size/MD5 checksum: 336322 0732b1dbb4be6df3008c288b79b27349
http://security.debian.org/pool/updat...lib2_1.3.0.0debian1-4+etch1_sparc.deb
Size/MD5 checksum: 197812 cb45e7b014b0cb66f816af3add1947a1

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.4.0-1.1.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00175.html

Other References:
SA30401:
http://secunia.com/advisories/30401/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 1
New vulnerabilities: 1
Updated advisories: 1

Moderately // 21 views
My Simple Forum "action" Local File Inclusion Vulnerability

4th Dec, 2008
New advisories: 20
New vulnerabilities: 45
Updated advisories: 31

Not // 462 views
Linux Kernel PARISC "parisc_show_stack() " Denial of Service
Not // 391 views
IBM HMC HTTP TRACE Response Cross-Site Scripting Weakness
Moderately // 492 views
PHP ZipArchive::extractT o() Directory Traversal Vulnerability
Moderately // 369 views
RSyslog "AllowedSender" Security Bypass Vulnerability
Moderately // 478 views
Nagios Unspecified CGI Vulnerability
Highly // 395 views
RadAsm ".rap" Processing Buffer Overflow Vulnerability
Highly // 382 views
Multi SEO phpBB "pfad" File Inclusion Vulnerability
Moderately // 384 views
PowerDNS CH HINFO Denial of Service Vulnerability
Less // 389 views
Drupal Storm Module SQL Injection Vulnerabilities

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 210 views
2. Adobe Flash Player Multiple Security Issues and Vulnerabilities // 59 views
3. Linux Kernel PARISC "parisc_show_stack()" Denial of Service // 40 views
4. PHP ZipArchive::extractTo() Directory Traversal Vulnerability // 32 views
5. Nagios Unspecified CGI Vulnerability // 32 views
6. IBM HMC HTTP TRACE Response Cross-Site Scripting Weakness // 29 views
7. VLC Media Player Real Demuxer Integer Overflow Vulnerability // 28 views
8. RadAsm ".rap" Processing Buffer Overflow Vulnerability // 22 views
9. phpJobScheduler "installed_config_file" File Inclusion Vulnerabilities // 20 views
10. Multi SEO phpBB "pfad" File Inclusion Vulnerability // 19 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008