USN-697-1: Imlib2 vulnerability

12-22-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-697-1: Imlib2 vulnerability

Referenced CVEs:
CVE-2008-2426

Description:
===========================================================Ubuntu Security Notice USN-697-1 December 22, 2008imlib2 vulnerabilityCVE-2008-2426===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSThis advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libimlib2 1.2.1-2ubuntu0.4Ubuntu 7.10: libimlib2 1.3.0.0debian1-4ubuntu0.2Ubuntu 8.04 LTS: libimlib2 1.4.0-1ubuntu1.2After a standard system upgrade you need to restart any applications thatuse Imlib2 to effect the necessary changes.Details follow:It was discovered that Imlib2 did not correctly handle certain malformed XPMand PNG images. If a user were tricked into opening a specially crafted imagewith an application that uses Imlib2, an attacker could cause a denial ofservice and possibly execute arbitrary code with the user's privileges.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

fpsd(1M) System Administration Commands fpsd(1M) NAME
fpsd - Fp-scrubber daemon SYNOPSIS
/usr/lib/fps/fpsd DESCRIPTION
fpsd is a user-level daemon that periodically runs non-intrusive tests to validate proper functioning of FPU (Floating Point Unit) hardware in the system. A fault management action is initiated by means of fmd(1M), in case an error is detected by the test. EXIT STATUS
The following exit values are returned: 0 Successful completion. non-zero An error occurred. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWfsu | +-----------------------------+-----------------------------+ |Interface Stability |Uncommitted | +-----------------------------+-----------------------------+ SEE ALSO
svcs(1), fmd(1M), svcadm(1M), svccfg(1M), attributes(5), smf(5) NOTES
The fpsd service is managed by the service management facility, smf(5), under the service identifier: svc:/system/fpsd:default You can use svccfg(1M) to change the default fpsd behavior: Property Name Type Description ------------- ---- ----------- config/exclude_cpus astring comma delimited list of CPU IDs to be excluded from proactive testing. Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The ser- vice's status can be queried using the svcs(1) command. Disabling the service can increase system's vulnerability to silent data corruption, if a fault were to develop in an FPU within the sys- tem. SunOS 5.11 7 Aug 2008 fpsd(1M)

Security Advisories (RSS)

USN-697-1: Imlib2 vulnerability

LEARN ABOUT OPENSOLARIS

fpsd