Message-ID: <20070816052312.GA22258@outflux.net>
Date: Wed, 15 Aug 2007 22:23:12 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-498-1] libvorbis vulnerabilities

===========================================================
Ubuntu Security Notice USN-498-1            August 16, 2007
libvorbis vulnerabilities
CVE-2007-3106, CVE-2007-4029
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libvorbis0a                              1.1.2-0ubuntu2.2

Ubuntu 6.10:
  libvorbis0a                              1.1.2-1ubuntu1.2

Ubuntu 7.04:
  libvorbis0a                              1.1.2.dfsg-1.2ubuntu2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

David Thiel discovered that libvorbis did not correctly verify the size
of certain headers, and did not correctly clean up a broken stream.
If a user were tricked into processing a specially crafted Vorbis stream,
a remote attacker could execute arbitrary code with the user's privileges.
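The first question a practitioner has on reading this notice is whether a given host still runs an affected build. The script below is an added example, not part of the notice or of the Ubuntu or libvorbis projects: it reimplements dpkg's version ordering so the installed version can be compared offline against the fixed versions listed above, using output in the shape of `dpkg-query -W -f '${Package} ${Version}\n'`. The PACKAGES set (the four binaries built from this source), the release keys and the sample output are assumptions for illustration.

```python
import re

# Fixed libvorbis0a versions per Ubuntu release, as listed in USN-498-1.
FIXED = {"6.06": "1.1.2-0ubuntu2.2", "6.10": "1.1.2-1ubuntu1.2",
         "7.04": "1.1.2.dfsg-1.2ubuntu2"}
# Binary packages built from the same libvorbis source (see the .deb lists).
PACKAGES = {"libvorbis0a", "libvorbisenc2", "libvorbisfile3", "libvorbis-dev"}
_VERSION = re.compile(r"(?:(\d+):)?(.*?)(?:-([^-]*))?$")  # [epoch:]upstream[-revision]


def _order(c):
    # dpkg character ordering: '~' < end of string < letters < everything else
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256


def _cmp_fragment(a, b):
    # Compare an upstream or revision fragment the way dpkg does: alternate a
    # non-digit run (compared char by char) with a digit run (compared numerically).
    while a or b:
        pa, pb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        a, b = a[len(pa):], b[len(pb):]
        while pa or pb:
            oa, ob = _order(pa[:1]), _order(pb[:1])
            if oa != ob:
                return (oa > ob) - (oa < ob)
            pa, pb = pa[1:], pb[1:]
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        a, b = a[len(da):], b[len(db):]
        na, nb = int(da or 0), int(db or 0)
        if na != nb:
            return (na > nb) - (na < nb)
    return 0


def compare_versions(a, b):
    """Order a against b as `dpkg --compare-versions` does: -1, 0 or 1."""
    ea, ua, ra = _VERSION.match(a).groups()
    eb, ub, rb = _VERSION.match(b).groups()
    ea, eb = int(ea or 0), int(eb or 0)
    if ea != eb:
        return (ea > eb) - (ea < eb)
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra or "", rb or "")


def unpatched(release, dpkg_output):
    """Return (package, version) pairs still below the USN-498-1 fix for release."""
    # dpkg_output lines look like "libvorbis0a 1.1.2-0ubuntu2.1" (dpkg-query -W output)
    bad = []
    for line in dpkg_output.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] in PACKAGES:
            if compare_versions(parts[1], FIXED[release]) < 0:
                bad.append((parts[0], parts[1]))
    return bad
```

Feed it the real `dpkg-query` output for the release in question; an empty list means every libvorbis binary on the host is at or above the fixed version.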


Updated packages for Ubuntu 6.06 LTS:

Updated packages for Ubuntu 6.10:

Updated packages for Ubuntu 7.04:
