English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           wxPythonGTK
 Advisory ID:            MDKSA-2005:144
 Date:                   August 18th, 2005

 Affected versions:  10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Wouter Hanegraaff discovered that the TIFF library did not sufficiently
 validate the "YCbCr subsampling" value in TIFF image headers. Decoding 
 a malicious image with a zero value resulted in an arithmetic exception, 
 which can cause a program that uses the TIFF library to crash. 
 
 wxPythonGTK uses an embedded libtiff source tree, and as such has the
 same vulnerability.
 
 The updated packages have been rebuilt using the system libraries and
 should now incorporate all the updates to libjpeg, libpng, libtiff and
 zlib.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 1792bef2b7c38d434f5c580885918fa9  10.1/RPMS/libwxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.i586.rpm
 e74ecbc67fb44bc41c211c9c48d99bf2  10.1/RPMS/libwxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.i586.rpm
 cbc0ab1e5ff4890e6ca773bc106a22ba  10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.i586.rpm
 b9a21a161373a223927041bfb59e9daa  10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 58a22e1baf7b89f5cba1904cc385a62d  x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.x86_64.rpm
 3416e43ec121b43dd0fa320ced1a1692  x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.x86_64.rpm
 04420e8c6fa31ae8266bf1646442665b  x86_64/10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.x86_64.rpm
 b9a21a161373a223927041bfb59e9daa  x86_64/10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 8deaae175c40b0b2aae1c0a9260e6c5e  10.2/RPMS/libwxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.i586.rpm
 b240df592e137d2b429118a51561475f  10.2/RPMS/libwxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.i586.rpm
 142a95ae853496fa62488898a8e22a5c  10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.i586.rpm
 8a04fcd0d0d70bc22549b20374aa2fc4  10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 3641fdd53027c69755b2026f9868bcd4  x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.x86_64.rpm
 a84597c3db0f2f38f493693d0cfbf0d6  x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.x86_64.rpm
 f453d626b50c9f8e5fd7b801f06a53c6  x86_64/10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.x86_64.rpm
 8a04fcd0d0d70bc22549b20374aa2fc4  x86_64/10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

 Corporate 3.0:
 30310777699ba2bc43269fea791785a6  corporate/3.0/RPMS/libwxPythonGTK2.4-2.4.2.4-2.1.C30mdk.i586.rpm
 2ab1c06543b33f2304caa2f75c234a74  corporate/3.0/RPMS/libwxPythonGTK2.4-devel-2.4.2.4-2.1.C30mdk.i586.rpm
 1ff251baed6af07e5604521ae8390f06  corporate/3.0/RPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.i586.rpm
 fbf97259f8e496bf20af99c1cacb08b1  corporate/3.0/SRPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBOsjmqjQ0CJFipgRAi91AJwOyfuUHD4/Zr5KsndSbEJqAzI7MgCfRb2r
wUXPRILQAr0ZQlQMXBFxZT4=
=6Vnf
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.