Linux groups patch image flaw
Common code used to process graphics has a flaw that could allow an attacker to issue commands as the user.
The vulnerabilities occur in the Imlib software library, a set of common code for handling images, security information provider Secunia
Czech software developer Pavel Kankovsky discovered the flaws when he checked the Imlib library to see if it was affected by vulnerabilities found in a similar set of Linux code, Linux distributor Gentoo said in an advisory.
Both Gentoo and Novell's SuSE Linux released patches for the issue this week.
The image flaw is the latest graphics library vulnerability to affect a major operating system. Microsoft fixed a major flaw in how its operating system and applications handled the popular JPEG format. The flaw could be used to take control of a victim's PC by viewing a graphic. Another flaw in a popular code library for handling an open-source image format, known as Portable Network Graphics, put computers running Linux, Windows and Mac OS X at risk.
Another common element of Web pages, Sun Microsystems' Java, also had a major flaw that could affect Linux and Windows computer users. The company patched the issue in October.
Other versions of the Linux operating system are likely affected if they use an older version of the GNOME desktop. In addition, other applications on those systems could also be affected if that software uses the Imlib code.