[Full-Disclosure] Security Update: [CSSA-2002-042.0] Linux: libpng progressive image loading vulnerabilities and other buffer overflows

From: securityat_private
Date: Tue Nov 12 2002 - 13:45:18 PST


    To: bugtraqat_private announceat_private security-alertsat_private full-disclosureat_private
    
    ______________________________________________________________________________
    
    			SCO Security Advisory
    
    Subject:		Linux: libpng progressive image loading vulnerabilities and other buffer overflows
    Advisory number: 	CSSA-2002-042.0
    Issue date: 		2002 November 12
    Cross reference:
    ______________________________________________________________________________
    
    
    1. Problem Description
    
    	There are two buffer overflow vulnerabilities in the libpng code.
    	The first allows an attacker to cause a denial of service; the
    	second allows a denial of service and possibly the execution of
    	arbitrary code. Both are reached while decoding a malformed PNG
    	image, so any program linked against libpng that decodes images
    	from untrusted sources (a web browser or mail client, for example)
    	is exposed.
    
    
    2. Vulnerable Supported Versions
    
    	System				Package
    	----------------------------------------------------------------------
    
    	OpenLinux 3.1.1 Server		prior to libpng-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	OpenLinux 3.1.1 Workstation	prior to libpng-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	OpenLinux 3.1 Server		prior to libpng-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	OpenLinux 3.1 Workstation	prior to libpng-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-1.0.15-5MR.i386.rpm
    					prior to libpng-devel-static-1.0.15-5MR.i386.rpm
    
    
    3. Solution
    
    	The proper solution is to install the latest packages. Many
    	customers find it easier to use the Caldera System Updater, called
    	cupdate (or kcupdate under the KDE environment), to update these
    	packages rather than downloading and installing them by hand.
    	If you install by hand, compare the MD5 sum of each downloaded
    	package with the value listed for it below before running rpm;
    	a mismatch means the file is corrupt or has been tampered with.
    	Note that rpm -F (freshen) only updates packages that are already
    	installed, so a devel package that was never installed stays
    	absent. After the update, restart any long-running program that
    	has the old libpng loaded, since a running process keeps using
    	the old copy of the shared library until it is restarted.
    
    
    4. OpenLinux 3.1.1 Server
    
    	4.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-042.0/RPMS
    
    	4.2 Packages
    
    	93221732f6fcd8d2a06082d68ce460e2	libpng-1.0.15-5MR.i386.rpm
    	98fb336313cdd6e4b5e0d2e80f0e6de5	libpng-devel-1.0.15-5MR.i386.rpm
    	c474133b01b1f7f39d65fd017635e109	libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	4.3 Installation
    
    	rpm -Fvh libpng-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	4.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-042.0/SRPMS
    
    	4.5 Source Packages
    
    	512eda0dec68d56065b515ecd540f585	libpng-1.0.15-5MR.src.rpm
    
    
    5. OpenLinux 3.1.1 Workstation
    
    	5.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-042.0/RPMS
    
    	5.2 Packages
    
    	f92a046d343a7f174b4912e3be8e6e5b	libpng-1.0.15-5MR.i386.rpm
    	0106b36eb2d7d6469f04e43b2752ebfa	libpng-devel-1.0.15-5MR.i386.rpm
    	b036341f4c3db77dd44c071aa863781c	libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	5.3 Installation
    
    	rpm -Fvh libpng-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	5.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-042.0/SRPMS
    
    	5.5 Source Packages
    
    	95fa381705ae3d28b971d3f96592ec73	libpng-1.0.15-5MR.src.rpm
    
    
    6. OpenLinux 3.1 Server
    
    	6.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-042.0/RPMS
    
    	6.2 Packages
    
    	112edf2530cc5df8a1c54f18a26b5b41	libpng-1.0.15-5MR.i386.rpm
    	8fe1bf881e31e38c34100569b52a5213	libpng-devel-1.0.15-5MR.i386.rpm
    	411476fc864656d877b43d695f7cc789	libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	6.3 Installation
    
    	rpm -Fvh libpng-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	6.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-042.0/SRPMS
    
    	6.5 Source Packages
    
    	d8fb9343ec9a91e36fbd0375e478a5a2	libpng-1.0.15-5MR.src.rpm
    
    
    7. OpenLinux 3.1 Workstation
    
    	7.1 Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-042.0/RPMS
    
    	7.2 Packages
    
    	450c615089d6ee0af856574111dfb074	libpng-1.0.15-5MR.i386.rpm
    	e160fd394b9a116fa68e7cdffd8d6dec	libpng-devel-1.0.15-5MR.i386.rpm
    	28543b8410403f28a1dc8949cf82eb2f	libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	7.3 Installation
    
    	rpm -Fvh libpng-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-1.0.15-5MR.i386.rpm
    	rpm -Fvh libpng-devel-static-1.0.15-5MR.i386.rpm
    
    	7.4 Source Package Location
    
    	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-042.0/SRPMS
    
    	7.5 Source Packages
    
    	29579bd08c919cd5de11acbc11026e21	libpng-1.0.15-5MR.src.rpm
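    	The procedure in sections 3 to 7 is the same for every product: fetch
    	the packages, check them against the listed MD5 sums, and freshen
    	with rpm. The script below is an added example, not part of the SCO
    	advisory or of SCO's tooling. It performs the two checks the advisory
    	leaves to the reader: whether an installed libpng version-release is
    	"prior to" 1.0.15-5MR under rpm's ordering rules (rpm_vercmp is an
    	assumed reimplementation of rpm's rpmvercmp; use rpm.labelCompare
    	from the rpm Python bindings where they are available), and whether
    	downloaded files match an advisory-style "md5  filename" listing.
    	The listing and files in demo() are constructed for the example; the
    	sums there are not those of the real packages.

```python
"""Pre-install checks for an advisory such as CSSA-2002-042.0.

Added example, not SCO's code.  rpm_vercmp() is an assumed reimplementation
of rpm's version-comparison rules; prefer rpm.labelCompare when the rpm
Python bindings are installed.
"""
import hashlib
import os
import re
import tempfile

FIXED = "1.0.15-5MR"          # version-release from the advisory's package table
_SEG = re.compile(r"[0-9]+|[A-Za-z]+")


def rpm_vercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings the way rpmvercmp does:
    split into numeric and alphabetic segments, numbers compare numerically,
    letters compare as strings, a numeric segment beats an alphabetic one,
    and when one side runs out of segments the side with more left is newer.
    Returns -1, 0 or 1 (a older than, equal to, newer than b)."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def split_vr(vr: str):
    """'1.0.15-5MR' -> ('1.0.15', '5MR'); a string without '-' is all version."""
    version, sep, release = vr.rpartition("-")
    return (version, release) if sep else (release, "")


def is_vulnerable(installed_vr: str, fixed_vr: str = FIXED) -> bool:
    """True when the installed version-release sorts before the fixed one."""
    iv, ir = split_vr(installed_vr)
    fv, fr = split_vr(fixed_vr)
    c = rpm_vercmp(iv, fv)
    if c == 0:
        c = rpm_vercmp(ir, fr)
    return c < 0


def verify_checksums(listing: str, directory: str):
    """Check downloaded files against an advisory-style 'md5  filename' listing.
    Returns (ok, mismatched, missing) lists of file names.  A mismatched or
    missing package must not be handed to rpm -Fvh."""
    ok, bad, missing = [], [], []
    for line in listing.strip().splitlines():
        expected, name = line.split()
        path = os.path.join(directory, name)
        if not os.path.exists(path):
            missing.append(name)
            continue
        with open(path, "rb") as fh:
            actual = hashlib.md5(fh.read()).hexdigest()
        (ok if actual == expected.lower() else bad).append(name)
    return ok, bad, missing


def demo():
    """Constructed files and a constructed listing (not the advisory's sums):
    the first sum matches, the second is deliberately wrong, the third file
    was never downloaded."""
    listing = """
900150983cd24fb0d6963f7d28e17f72  libpng-1.0.15-5MR.i386.rpm
00000000000000000000000000000000  libpng-devel-1.0.15-5MR.i386.rpm
ffffffffffffffffffffffffffffffff  libpng-devel-static-1.0.15-5MR.i386.rpm
"""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "libpng-1.0.15-5MR.i386.rpm"), "wb") as fh:
            fh.write(b"abc")        # constructed content; md5 = 900150983c...
        with open(os.path.join(d, "libpng-devel-1.0.15-5MR.i386.rpm"), "wb") as fh:
            fh.write(b"not the real package")   # sum will not match
        return verify_checksums(listing, d)


if __name__ == "__main__":
    for vr in ("1.0.12-1", "1.0.15-4MR", "1.0.15-5MR", "1.2.1-1"):
        print(vr, "vulnerable" if is_vulnerable(vr) else "fixed")
    print(demo())
```

    	Feed is_vulnerable() the output of `rpm -q --qf '%{VERSION}-%{RELEASE}'
    	libpng`; only packages that come back from verify_checksums() in the
    	ok list should be passed to the rpm -Fvh lines above.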
    
    
    8. References
    
    	Specific references for this advisory:
    		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0728
    		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0660
    		ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207
    
    	SCO security resources:
    		http://www.sco.com/support/security/index.html
    
    	This security fix closes SCO incidents sr867868, fz525853,
    	erg712105.
    
    
    9. Disclaimer
    
    	SCO is not responsible for the misuse of any of the information
    	we provide on this website and/or through our security
    	advisories. Our advisories are a service to our customers intended
    	to promote secure installation and use of SCO products.
    
    ______________________________________________________________________________
    
    
    

    _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html


