Rapid7 Vulnerability & Exploit Database

ELSA-2007-0513 Moderate: Enterprise Linux gimp security update


Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published: 09/26/2007
Created: 07/25/2018
Added: 12/20/2011
Modified: 07/04/2017

Description

Enterprise Linux Security Advisory ELSA-2007-0513

https://rhn.redhat.com/errata/RHSA-2007-0513.html

The following updated rpms for Enterprise Linux 3 have been uploaded to the Unbreakable Linux Network:

i386:
gimp-1.2.3-20.9.el3.i386.rpm
gimp-devel-1.2.3-20.9.el3.i386.rpm
gimp-perl-1.2.3-20.9.el3.i386.rpm

x86_64:
gimp-1.2.3-20.9.el3.x86_64.rpm
gimp-devel-1.2.3-20.9.el3.x86_64.rpm
gimp-perl-1.2.3-20.9.el3.x86_64.rpm

SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/gimp-1.2.3-20.9.el3.src.rpm

Description of changes:

[1.2.3-20.9.el3]
- validate bytesperline header field when loading PCX files (#247570)

[1.2.3-20.8.el3]
- reduce GIMP_MAX_IMAGE_SIZE to 2^18 to detect bogus image widths/heights (#247570)

[1.2.3-20.7.el3]
- replace gimp_error() by gimp_message()/gimp_quit() in a few plugins so they don't crash but gracefully exit when encountering error conditions
- fix endianness issues in the PSP plugin to avoid it doing (seemingly) endless loops when loading images
- fix endianness issues in the PCX plugin which cause it to not detect corrupt images

[1.2.3-20.6.el3]
- add ChangeLog entry to psd-invalid-dimensions patch (#247570)
- validate size values read from files before using them to allocate memory in various file plugins (#247570, patch by Mukund Sivaraman and Raphaël Quinet, adapted)
- detect invalid image data when reading files in several plugins (#247570, patch by Sven Neumann and Raphaël Quinet, adapted)
- validate size values read from files before using them to allocate memory in the PSD and sunras plugins (#247570, patch by Mukund Sivaraman and Sven Neumann, partly adapted)
- add safeguard to avoid crashes while loading corrupt PSD images (#247570, patch by Raphaël Quinet, adapted)
- convert spec file to UTF-8

[1.2.3-20.5.el3]
- use adapted upstream PSD fix by Sven Neumann (#244406)

[1.2.3-20.4.el3]
- refuse to open PSD files with insanely large dimensions (#244406)

Solution(s)

  • oracle-linux-upgrade-gimp
  • oracle-linux-upgrade-gimp-devel
  • oracle-linux-upgrade-gimp-libs
  • oracle-linux-upgrade-gimp-perl
