[PLUG] First JPEG virus is out there

Paul Heinlein heinlein at madboa.com
Tue Sep 28 11:31:19 UTC 2004


On Tue, 28 Sep 2004, Rich Shepard wrote:

>>  Recently, libraries within libxpm4, ImageMagick, gtk2, gdk-pixbuf, 
>>  and Mozilla have all been found vulnerable to certain 
>>  buffer-overflow exploits.
>
>  Therefore, there are frantic efforts under way at the developers 
> and distributors. I expect a bunch of update messages soon. Thanks 
> for the explanation.

Actually, these are the projects that already have fixes. See, for 
example, the Linux Weekly News summary of security alerts issued for 
Slackware:

   http://lwn.net/Alerts/Slackware/

The Slackware packagers have already released fixes for several of the 
announced image-rendering vulnerabilities.

--Paul Heinlein <heinlein at madboa.com>




More information about the PLUG mailing list