USN-529-1: Tk vulnerability

11 October 2007

Tk vulnerability

Releases

Packages

  • tk8.3 -
  • tk8.4 -

Details

It was discovered that Tk could be made to overrun a buffer when loading
certain images. If a user were tricked into opening a specially crafted
GIF image, remote attackers could cause a denial of service or execute
arbitrary code with user privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.