Bug#339431: marked as done (CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code)

Debian Bug Tracking System owner at bugs.debian.org
Thu Dec 15 17:03:13 UTC 2005

Your message dated Thu, 15 Dec 2005 08:47:18 -0800
with message-id <E1EmwGE-0001jL-EE at spohr.debian.org>
and subject line Bug#339431: fixed in gtk+2.0 2.8.9-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 16 Nov 2005 09:17:36 +0000
>From jmm at inutil.org Wed Nov 16 01:17:36 2005
Return-path: <jmm at inutil.org>
Received: from inutil.org ([] helo=vserver151.vserver151.serverflex.de)
	by spohr.debian.org with esmtp (Exim 4.50)
	id 1EcJQ7-0006Do-Pd
	for submit at bugs.debian.org; Wed, 16 Nov 2005 01:17:35 -0800
Received: from wlan-client-004.informatik.uni-bremen.de ([] helo=localhost.localdomain)
	by vserver151.vserver151.serverflex.de with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1EcJQ4-0006J7-RE
	for submit at bugs.debian.org; Wed, 16 Nov 2005 10:17:32 +0100
Received: from jmm by localhost.localdomain with local (Exim 4.54)
	id 1EcJPw-0001PW-KK; Wed, 16 Nov 2005 10:17:24 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <jmm at inutil.org>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code
X-Mailer: reportbug 3.17
Date: Wed, 16 Nov 2005 10:17:24 +0100
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
Message-Id: <E1EcJPw-0001PW-KK at localhost.localdomain>
X-SA-Exim-Mail-From: jmm at inutil.org
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond expanded to false
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
	X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02

Package: gtk+2.0
Severity: grave
Tags: security
Justification: user security hole

An integer overflow in gdk-pixbuf's XPM rendering code can be exploited
to overwrite the heap and exploit arbitrary code through crafted images.
Please see www.idefense.com/application/poi/display?id=339&type=vulnerabilities
for more details.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)

Received: (at 339431-close) by bugs.debian.org; 15 Dec 2005 16:51:02 +0000
>From katie at ftp-master.debian.org Thu Dec 15 08:51:02 2005
Return-path: <katie at ftp-master.debian.org>
Received: from katie by spohr.debian.org with local (Exim 4.50)
	id 1EmwGE-0001jL-EE; Thu, 15 Dec 2005 08:47:18 -0800
From: Sebastien Bacher <seb128 at debian.org>
To: 339431-close at bugs.debian.org
X-Katie: $Revision: 1.60 $
Subject: Bug#339431: fixed in gtk+2.0 2.8.9-2
Message-Id: <E1EmwGE-0001jL-EE at spohr.debian.org>
Sender: Archive Administrator <katie at ftp-master.debian.org>
Date: Thu, 15 Dec 2005 08:47:18 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-4.8 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
	HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 4

Source: gtk+2.0
Source-Version: 2.8.9-2

We believe that the bug you reported is fixed in the latest version of
gtk+2.0, which is due to be installed in the Debian FTP archive:

  to pool/main/g/gtk+2.0/gtk+2.0_2.8.9-2.diff.gz
  to pool/main/g/gtk+2.0/gtk+2.0_2.8.9-2.dsc
  to pool/main/g/gtk+2.0/gtk2-engines-pixbuf_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/gtk2.0-examples_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/libgtk2.0-0-dbg_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/libgtk2.0-0_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/libgtk2.0-bin_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/libgtk2.0-common_2.8.9-2_all.deb
  to pool/main/g/gtk+2.0/libgtk2.0-dev_2.8.9-2_i386.deb
  to pool/main/g/gtk+2.0/libgtk2.0-doc_2.8.9-2_all.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 339431 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Sebastien Bacher <seb128 at debian.org> (supplier of updated gtk+2.0 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)

Hash: SHA1

Format: 1.7
Date: Thu, 15 Dec 2005 15:13:32 +0100
Source: gtk+2.0
Binary: libgtk2.0-dev libgtk2.0-0-dbg gtk2-engines-pixbuf libgtk2.0-0 libgtk2.0-doc gtk2.0-examples libgtk2.0-bin libgtk2.0-common
Architecture: source i386 all
Version: 2.8.9-2
Distribution: unstable
Urgency: low
Maintainer: Sebastien Bacher <seb128 at debian.org>
Changed-By: Sebastien Bacher <seb128 at debian.org>
 gtk2-engines-pixbuf - Pixbuf-based theme for GTK+ 2.x
 gtk2.0-examples - Examples files for the GTK+ 2.0
 libgtk2.0-0 - The GTK+ graphical user interface library
 libgtk2.0-0-dbg - The GTK+ libraries and debugging symbols
 libgtk2.0-bin - The programs for the GTK+ graphical user interface library
 libgtk2.0-common - Common files for the GTK+ graphical user interface library
 libgtk2.0-dev - Development files for the GTK+ library
 libgtk2.0-doc - Documentation for the GTK+ graphical user interface library
Closes: 323080 323209 323705 339431
 gtk+2.0 (2.8.9-2) unstable; urgency=low
   * Upload to unstable
 gtk+2.0 (2.8.9-1) experimental; urgency=low
   * New upstream version:
     Bugs fixed:
     - File chooser filter behaves weird
     - 2.8.4 to 2.8.6: sound-juicer crash, fileselector assertions
     - On unsetting the Model, GtkTreeView does not clear
       it's associated TreeSelection
     - Crash on selecting a file of null mime-type
     - gtktoolbutton leaks a pixbuf
     - GdkEvent leaked in gtktreeview.c / gtk_tree_view_key_press
     - Typo in trap_activate_cb()
     - gtkcalendar.c: The identifier is already declared.
     - gtk_menu_attach_to_widget() does not take NULL detacher
     - Unhinted fonts are measured incorrectly and drawing
       problems occur as a result
     - unwanted scrolling in recent gtk
     - Toolbars without icons are invisible in icon-only mode
     - Search-entry in the TreeView not working properly
     - gtktoolbutton.c:562: warning: 'image' is used
       uninitialized in this function
     - reference count of textbuffer increases with each paste
     - gtk_selection_data_get_uris leaks memory
     Other changes:
     - Remove GMemChunk from public header files to
       support building against GLib 2.10
     - Report errors in option parsing
     - Merge upstream xdgmime changes to handle duplicate glob patterns
 gtk+2.0 (2.8.8-1) experimental; urgency=low
   * New upstream version:
      - Make F2 work for renaming bookmarks
      - Turn off input methods in password entries
     - Other fixes * Documentation improvements
     - Updated translations
 gtk+2.0 (2.8.7-1) experimental; urgency=low
   * New upstream version.
   * Security fixes:
     - Add check to XPM reader to prevent integer overflow for specially crafted
       number of colors (CVE-2005-3186) (Closes: #339431).
     - Fix endless loop with specially crafted number of colors (CVE-2005-2975).
   * debian/patches/001_fs_documents.patch:
     - updated.
   * debian/rules:
     - fix confusing cp usage.
   [ Loic Minier ]
   * Drop xlibs-dev deps and build-deps.
     [debian/control, debian/control.in]
 gtk+2.0 (2.8.3-1) experimental; urgency=low
   * New upstream version:
     - Fix problems with the handling of initial settings
       for font options and cursor themes.
     - Add a --ignore-theme-index option to gtk-update-icon-cache.
 gtk+2.0 (2.8.2-1) experimental; urgency=low
   * New upstream version:
     - Fix a crash with custom icon themes, which affected
       the gnome-theme-manager.
     - Make sure font and cursor settings are propaged down
       to the screen initially.
   * debian/control.in:
     - require the current pango.
 gtk+2.0 (2.8.1-1) experimental; urgency=low
   * New upstream version:
     - gtk-update-icon-cache no longer stores copies of symlinked icons,
       and it has a --index-only option to omit image data from the cache.
     - Make large GtkSizeGroups more efficient.
     - Improve positioning of menus in GtkToolbar.
     - Make scrolling work on unrealized icon views.
     - Avoid unnecessary redraws on range widgets.
     - Make sure that all GTK+ applications reload icon themes promptly.
     - Ensure that gdk_pango_get_context() and gtk_widget_get_pango_context()
       use the same font options and dpi value.
     - Multiple memory leak fixes.
   * debian/control.in:
     - updated the libgtk2.0-dev Depends according to the changes.
   * debian/rules:
     Add --enable-explicit-deps=yes to make sure stuff like x11 gets listed as a
     Requires: in gdk(-x11)-2.0.pc, because otherwise linkage against -lX11 and
     friends doesn't get carried through.  Whether or not this is correct is
     arguable, since libgdk-x11-2.0.so.0* ends up linked against it anyway, but
     stuff like gnome-panel seems to be relying on this transience.
     Change by Daniel Stone.
 gtk+2.0 (2.8.0-1) experimental; urgency=low
   * New upstream version.
   * debian/control.in:
     - build with the new cairo (Closes: #323705).
     - updated the Build-Depends for xorg (Closes: #323080).
   * debian/copyright:
     - use License instead of Copyright (Closes: #323209).
   * debian/patches/001_fs_documents.patch:
     - default to Documents.
   * debian/rules:
     - updated the shlibs.
   * debian/watch:
     - updated.
 gtk+2.0 (2.7.2-1) experimental; urgency=low
   * New upstream version.
   * debian/control.in:
     - updated the Build-Depends.
   * debian/rules:
     - updated the shlibs.
     - use cairo.
   * debian/watch:
     - updated.
 1168f708b3152ef02fa14c5e9e7e666d 2127 libs optional gtk+2.0_2.8.9-2.dsc
 da7344154109ae591fae0a4193259719 48698 libs optional gtk+2.0_2.8.9-2.diff.gz
 5d8775aba46b7812667d5a22100ccebd 3447862 misc optional libgtk2.0-common_2.8.9-2_all.deb
 1212947f20296d9feea1fe696c838f55 2460724 doc optional libgtk2.0-doc_2.8.9-2_all.deb
 af7362ba651f8621f61abb335678d7b7 2080400 libs optional libgtk2.0-0_2.8.9-2_i386.deb
 e51684ba22ce62e57e151a3093115768 21528 misc optional libgtk2.0-bin_2.8.9-2_i386.deb
 4afc4ca44ee5005c6cc669f648eb64fe 2260522 libdevel optional libgtk2.0-dev_2.8.9-2_i386.deb
 c5dd3fa6f667869273db4c18bdfc55ce 3638590 libdevel extra libgtk2.0-0-dbg_2.8.9-2_i386.deb
 6750ab997828faceabefbdbc674caa42 275066 x11 extra gtk2.0-examples_2.8.9-2_i386.deb
 a506ee85575a6a5d1f6265ea67833538 56048 graphics optional gtk2-engines-pixbuf_2.8.9-2_i386.deb

Version: GnuPG v1.4.2 (GNU/Linux)


More information about the Pkg-gnome-maintainers mailing list