netpbm 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1236014678
업데이트 : 2009.03.03
상세내용
- 보안버그 수정 사항
. CVE-2007-2721
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000
library (libjasper) before 1.900 allows remote user-assisted attackers to
cause a denial of service (crash) and possibly corrupt the heap via malformed
image files, as originally demonstrated using imagemagick convert.
. CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent
attackers to have an unknown impact via a crafted image file, related to
integer multiplication for memory allocation.
Autoupdates 지원 : Packages System
pkgadd -F "netpbm*"
update 패키지
RPMS :
. netpbm-10.25-4.6.2.i686.rpm
. netpbm-devel-10.25-4.6.2.i686.rpm
. netpbm-progs-10.25-4.6.2.i686.rpm
SRPMS :
. netpbm-10.25-4.6.2.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
|