Synopsis: Important: giflib security update
Issue date: 2009-04-22
CVE Names: CVE-2005-2974 CVE-2005-3350
Several flaws were discovered in the way giflib decodes GIF images. An
attacker could create a carefully crafted GIF image that could cause an
application using giflib to crash or, possibly, execute arbitrary code
when opened by a victim. (CVE-2005-2974, CVE-2005-3350)
All running applications using giflib must be restarted for the update
to take effect.
SL 5.x
SRPMS:
i386:
giflib-4.1.3-7.1.el5_3.1.i386.rpm
giflib-devel-4.1.3-7.1.el5_3.1.i386.rpm
giflib-utils-4.1.3-7.1.el5_3.1.i386.rpm
x86_64:
giflib-4.1.3-7.1.el5_3.1.i386.rpm
giflib-4.1.3-7.1.el5_3.1.x86_64.rpm
giflib-devel-4.1.3-7.1.el5_3.1.i386.rpm
giflib-devel-4.1.3-7.1.el5_3.1.x86_64.rpm
giflib-utils-4.1.3-7.1.el5_3.1.x86_64.rpm
-Connie Sieh
-Troy Dawson