__________________________________________________________
	
						   The U.S. Department of Energy
					   Computer Incident Advisory Capability
							   ___  __ __    _     ___
							  /       |     /_\   /
							  \___  __|__  /   \  \___
				 __________________________________________________________
	
								 INFORMATION BULLETIN
	
								 Cairo Security Update
							  [Red Hat  RHSA-2007:1078-3]
	
	December 3, 2007 14:00 GMT                                        Number S-063
	[REIVSED 14 Apr 2008]
	______________________________________________________________________________
	PROBLEM:       An integer overflow flaw was found in the way Cairo processes 
				   PNG images. 
	PLATFORM:      RHEL Desktop Workstation (v. 5 client) 
				   Red Hat Enterprise Linux (v. 5 server) 
				   Red Hat Enterprise Linux Desktop (v. 5 client) 
				   Debian GNU/Linux 4.0 (stable)
	DAMAGE:        It is possible to execute arbitrary code as the user running 
				   the application. 
	SOLUTION:      Upgrade to the appropriate version. 
	______________________________________________________________________________
	VULNERABILITY  The risk is MEDIUM. It is possible to execute arbitrary code as 
	ASSESSMENT:    the user running the application. 
	______________________________________________________________________________
	LINKS: 
	 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/s-063.shtml 
	 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-1078.html 
     ADDITIONAL LINK:    http://www.debian.org/security/2008/dsa-1542
	 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name= 
						 CVE-2007-5503 
	______________________________________________________________________________
	REVISION HISTORY:
	04/14/2008 - revised S-063 to add a link to Debian Security Advisory DSA-1542-1 
                 for Debian GNU/Linux 4.0 (stable).


	[***** Start Red Hat  RHSA-2007:1078-3 *****]
	
	Important: cairo security update
	Advisory: RHSA-2007:1078-3 
	Type: Security Advisory 
	Severity: Important 
	Issued on: 2007-11-29 
	Last updated on: 2007-11-29 
	Affected Products: RHEL Desktop Workstation (v. 5 client)
	Red Hat Enterprise Linux (v. 5 server)
	Red Hat Enterprise Linux Desktop (v. 5 client) 
	OVAL: com.redhat.rhsa-20071078.xml 
	CVEs (cve.mitre.org): CVE-2007-5503
	 
	
	
	Details
	Updated Cairo packages that resolve a security issue are now available for 
	Red Hat Enterprise Linux 5. 
	
	This update has been rated as having important security impact by the Red 
	Hat Security Response Team.
	
	Cairo is a vector graphics library designed to provide high-quality display 
	and print output. 
	
	An integer overflow flaw was found in the way Cairo processes PNG images. 
	If an application linked against Cairo processes a malicious PNG image, it 
	is possible to execute arbitrary code as the user running the application. 
	(CVE-2007-5503) 
	
	Users of Cairo are advised to upgrade to these updated packages, which 
	contain a backported patch to resolve this issue.
	
	
	
	Solution
	Before applying this update, make sure that all previously-released 
	errata relevant to your system have been applied. 
	
	This update is available via Red Hat Network. Details on how to use 
	the Red Hat Network to apply this update are available at 
	http://kbase.redhat.com/faq/FAQ_58_10188
	
	
	Updated packages
	RHEL Desktop Workstation (v. 5 client) 
	
	--------------------------------------------------------------------------------
	 
	IA-32: 
	cairo-devel-1.2.4-3.el5_1.i386.rpm     e1a06df5b1e3e5f43f1d5c646f1bb258 
	  
	x86_64: 
	cairo-devel-1.2.4-3.el5_1.i386.rpm     e1a06df5b1e3e5f43f1d5c646f1bb258 
	cairo-devel-1.2.4-3.el5_1.x86_64.rpm     6b10f796d9594dc439eb6e4e984a659b 
	  
	Red Hat Enterprise Linux (v. 5 server) 
	
	--------------------------------------------------------------------------------
	 
	SRPMS: 
	cairo-1.2.4-3.el5_1.src.rpm     cbfeb076c6d2c87325cc8c20bffb0673 
	  
	IA-32: 
	cairo-1.2.4-3.el5_1.i386.rpm     58f31c9334847d100a28ad6606c9b636 
	cairo-devel-1.2.4-3.el5_1.i386.rpm     e1a06df5b1e3e5f43f1d5c646f1bb258 
	  
	IA-64: 
	cairo-1.2.4-3.el5_1.i386.rpm     58f31c9334847d100a28ad6606c9b636 
	cairo-1.2.4-3.el5_1.ia64.rpm     60844055ceee625c95d7b94eae351948 
	cairo-devel-1.2.4-3.el5_1.ia64.rpm     20d33a44a958bf53aada42c08761be8b 
	  
	PPC: 
	cairo-1.2.4-3.el5_1.ppc.rpm     e4b5250dba1bd0056e3deacd16a6dd65 
	cairo-1.2.4-3.el5_1.ppc64.rpm     579359058ecca388892e6a28f6ddefba 
	cairo-devel-1.2.4-3.el5_1.ppc.rpm     8942d9ed93096e9f3f3f8d8703e40b7a 
	cairo-devel-1.2.4-3.el5_1.ppc64.rpm     490be6cf85b9035f6170f553862ad5f2 
	  
	s390x: 
	cairo-1.2.4-3.el5_1.s390.rpm     7fb5f3ca96b9407a294ac379cb654e16 
	cairo-1.2.4-3.el5_1.s390x.rpm     5d5975bbf5ee037afa85d0304042bf10 
	cairo-devel-1.2.4-3.el5_1.s390.rpm     b94a16d274895163a7a0990392f722bb 
	cairo-devel-1.2.4-3.el5_1.s390x.rpm     9a395c63e51fc02d00ad1ca31280e407 
	  
	x86_64: 
	cairo-1.2.4-3.el5_1.i386.rpm     58f31c9334847d100a28ad6606c9b636 
	cairo-1.2.4-3.el5_1.x86_64.rpm     463958973b4ba3ada3cff99a930db908 
	cairo-devel-1.2.4-3.el5_1.i386.rpm     e1a06df5b1e3e5f43f1d5c646f1bb258 
	cairo-devel-1.2.4-3.el5_1.x86_64.rpm     6b10f796d9594dc439eb6e4e984a659b 
	  
	Red Hat Enterprise Linux Desktop (v. 5 client) 
	
	--------------------------------------------------------------------------------
	 
	SRPMS: 
	cairo-1.2.4-3.el5_1.src.rpm     cbfeb076c6d2c87325cc8c20bffb0673 
	  
	IA-32: 
	cairo-1.2.4-3.el5_1.i386.rpm     58f31c9334847d100a28ad6606c9b636 
	  
	x86_64: 
	cairo-1.2.4-3.el5_1.i386.rpm     58f31c9334847d100a28ad6606c9b636 
	cairo-1.2.4-3.el5_1.x86_64.rpm     463958973b4ba3ada3cff99a930db908 
	  
	(The unlinked packages above are only available from the Red Hat Network)
	 
	
	
	Bugs fixed (see bugzilla for more information)
	387431 - CVE-2007-5503 cairo integer overflow
	
	
	
	References
	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503
	http://www.redhat.com/security/updates/classification/#important 
	
	
	--------------------------------------------------------------------------------
	These packages are GPG signed by Red Hat for security. Our key and details on how 
	to verify the signature are available from:
	
	https://www.redhat.com/security/team/key/#package 
	
	The Red Hat security contact is secalert@redhat.com. More contact details at 
	http://www.redhat.com/security/team/contact/
	
	
	[***** End Red Hat  RHSA-2007:1078-3 *****]
	_______________________________________________________________________________
	
	CIAC wishes to acknowledge the contributions of Red Hat for the 
	information contained in this bulletin.
	_______________________________________________________________________________
	
	
	CIAC, the Computer Incident Advisory Capability, is the computer
	security incident response team for the U.S. Department of Energy
	(DOE) and the emergency backup response team for the National
	Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
	National Laboratory in Livermore, California. CIAC is also a founding
	member of FIRST, the Forum of Incident Response and Security Teams, a
	global organization established to foster cooperation and coordination
	among computer security teams worldwide.
	
	CIAC services are available to DOE, DOE contractors, and the NIH. CIAC
	can be contacted at:
		Voice:    +1 925-422-8193 (7x24)
		FAX:      +1 925-423-8002
		STU-III:  +1 925-423-2604
		E-mail:   ciac@ciac.org
	
	Previous CIAC notices, anti-virus software, and other information are
	available from the CIAC Computer Security Archive.
	
	   World Wide Web:      http://www.ciac.org/
	   Anonymous FTP:       ftp.ciac.org
	
	PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
	communities receive CIAC bulletins.  If you are not part of these
	communities, please contact your agency's response team to report
	incidents. Your agency's team will coordinate with CIAC. The Forum of
	Incident Response and Security Teams (FIRST) is a world-wide
	organization. A list of FIRST member organizations and their
	constituencies can be obtained via WWW at http://www.first.org/.
	
	This document was prepared as an account of work sponsored by an
	agency of the United States Government. Neither the United States
	Government nor the University of California nor any of their
	employees, makes any warranty, express or implied, or assumes any
	legal liability or responsibility for the accuracy, completeness, or
	usefulness of any information, apparatus, product, or process
	disclosed, or represents that its use would not infringe privately
	owned rights. Reference herein to any specific commercial products,
	process, or service by trade name, trademark, manufacturer, or
	otherwise, does not necessarily constitute or imply its endorsement,
	recommendation or favoring by the United States Government or the
	University of California. The views and opinions of authors expressed
	herein do not necessarily state or reflect those of the United States
	Government or the University of California, and shall not be used for
	advertising or product endorsement purposes.
	
	LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)
	
	S-053: Vulnerability in Windows URI Handling
	S-054: Vulnerability in DNS
	S-055: HP OpenView Operations (OVO) Running on HP-UX and Solaris Vulnerability
	S-056: Apple Security Update 2007-008
	S-057: Samba Security Update
	S-058: HP-UX Running Java JRE and JDK
	S-059: util-linux Security Update
	S-060: Apple QuickTime RTSP Content-Type Vulnerability
	S-061: IBM Director Vulnerability
	S-062: HP-UX Running HP Secure Shell Vulnerability