[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070816052312.GA22258@outflux.net>
Date: Wed, 15 Aug 2007 22:23:12 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-498-1] libvorbis vulnerabilities
===========================================================
Ubuntu Security Notice USN-498-1 August 16, 2007
libvorbis vulnerabilities
CVE-2007-3106, CVE-2007-4029
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libvorbis0a 1.1.2-0ubuntu2.2
Ubuntu 6.10:
libvorbis0a 1.1.2-1ubuntu1.2
Ubuntu 7.04:
libvorbis0a 1.1.2.dfsg-1.2ubuntu2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
David Thiel discovered that libvorbis did not correctly verify the size
of certain headers, and did not correctly clean up a broken stream.
If a user were tricked into processing a specially crafted Vorbis stream,
a remote attacker could execute arbitrary code with the user's privileges.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2-0ubuntu2.2.diff.gz
Size/MD5: 1945 86c1fc2f0361eb0db830f867693a548e
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2-0ubuntu2.2.dsc
Size/MD5: 697 c620f1d709ab55f55b183fd3c91bce93
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2.orig.tar.gz
Size/MD5: 1316434 37847626b8e1b53ae79a34714c7b3211
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-0ubuntu2.2_amd64.deb
Size/MD5: 488058 fcd99f10a7fb558a943974dbb563c9f0
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-0ubuntu2.2_amd64.deb
Size/MD5: 101362 35ee478f24e55bb802928d63ed50987c
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-0ubuntu2.2_amd64.deb
Size/MD5: 100724 9e207785d1061752b9c6a775021c5a72
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-0ubuntu2.2_amd64.deb
Size/MD5: 18634 ca50aa565c499a5e1e852683dc9b3eed
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-0ubuntu2.2_i386.deb
Size/MD5: 468650 99c44c0a44e97b14c60b2792f68dfa46
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-0ubuntu2.2_i386.deb
Size/MD5: 95664 a54dc7b20cc26bc3f9310e44ac4c5302
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-0ubuntu2.2_i386.deb
Size/MD5: 82654 b8925d42ec69fad0e5369cb058279ac3
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-0ubuntu2.2_i386.deb
Size/MD5: 18758 a3e870b7c250e1ad382273351a2c0c01
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-0ubuntu2.2_powerpc.deb
Size/MD5: 503142 de3fa1e43f1969c184a2830a3bada1a3
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-0ubuntu2.2_powerpc.deb
Size/MD5: 105654 238300db6aa1e8ba618cf97de53adb40
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-0ubuntu2.2_powerpc.deb
Size/MD5: 86510 cea1dd0b049c9cf7709ff9addbc9ce9e
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-0ubuntu2.2_powerpc.deb
Size/MD5: 21872 a5ccde83452225ee9572591b3ac12089
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-0ubuntu2.2_sparc.deb
Size/MD5: 478886 e1b097b2557761166b4c72cb1941a8d5
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-0ubuntu2.2_sparc.deb
Size/MD5: 98930 ddaa87cf4d545ed435ce6b5d2d7686dc
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-0ubuntu2.2_sparc.deb
Size/MD5: 84502 aba0dee287ffe6cc9dd31410cdf0c480
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-0ubuntu2.2_sparc.deb
Size/MD5: 19474 9ca0632d7eec2b2c5357ff0cf6dd5bd5
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2-1ubuntu1.2.diff.gz
Size/MD5: 4485 ddcf8d4ff7fd81dab82dcadc27fbab2b
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2-1ubuntu1.2.dsc
Size/MD5: 785 a8d9b7dd0e10ad85880e1865487a1068
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2.orig.tar.gz
Size/MD5: 1316434 37847626b8e1b53ae79a34714c7b3211
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-1ubuntu1.2_amd64.deb
Size/MD5: 695786 8d1ae488647ead2db58b9de1b9be0943
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-1ubuntu1.2_amd64.deb
Size/MD5: 101874 dc9a4bdad9bb0dfe665d42016b089d8f
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-1ubuntu1.2_amd64.deb
Size/MD5: 93610 f78f454f33964fc2d907432a838d61e9
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-1ubuntu1.2_amd64.deb
Size/MD5: 17482 59760f0b1a0ee7c21decc3f7cee8646f
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-1ubuntu1.2_i386.deb
Size/MD5: 676534 d1a29786d59ee0e7e6e240959d1ab6a1
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-1ubuntu1.2_i386.deb
Size/MD5: 97478 8638016bb0c0e62b81971a47319ed7c8
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-1ubuntu1.2_i386.deb
Size/MD5: 75224 614221bd1c481a18bf42f996c13a32e1
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-1ubuntu1.2_i386.deb
Size/MD5: 18342 adbef7bf8ba073b4717d612365f0b08c
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-1ubuntu1.2_powerpc.deb
Size/MD5: 706602 dcf81e924180791236fec6e9bf712400
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-1ubuntu1.2_powerpc.deb
Size/MD5: 105654 dd0324eddf31d102d002027fd539c1f8
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-1ubuntu1.2_powerpc.deb
Size/MD5: 82422 3760241cd611836dbcb9f807307d0d8c
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-1ubuntu1.2_powerpc.deb
Size/MD5: 20996 68e46beb2de32aefd72b71e0efe2fccd
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2-1ubuntu1.2_sparc.deb
Size/MD5: 683458 9ef708b6975855aa8caef17efb999f5e
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2-1ubuntu1.2_sparc.deb
Size/MD5: 98608 0d40f0736b9455d5ce8f455ad9aad730
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2-1ubuntu1.2_sparc.deb
Size/MD5: 79702 d877de71ae6e6dd97af7181b8c8bda75
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2-1ubuntu1.2_sparc.deb
Size/MD5: 17596 5557a677d2a30a8f305af3b2d0bb1992
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.2ubuntu2.diff.gz
Size/MD5: 6434 feb5fce1d4acf0bfdb35a37e1214bbb9
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.2ubuntu2.dsc
Size/MD5: 884 978e723bf7f45be6197bcdfbf889daf7
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg.orig.tar.gz
Size/MD5: 1312540 44cf09fef7f78e7c6ba7dd63b6137412
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.2ubuntu2_amd64.deb
Size/MD5: 464416 7b29fe0810e9fb3bb45d5349d0687248
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.2ubuntu2_amd64.deb
Size/MD5: 102890 6952444b08b0ac5ebd6cdca46f206f60
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.2ubuntu2_amd64.deb
Size/MD5: 93954 5d6036a45d9825510cecc78297ffa813
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.2ubuntu2_amd64.deb
Size/MD5: 17898 2e2171a70149edaaea92fafda5666283
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.2ubuntu2_i386.deb
Size/MD5: 446040 473a312aa17991e5633887f8a3b9fdb9
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.2ubuntu2_i386.deb
Size/MD5: 98550 1da8d756d1fbfa690c8065c5a8ba9ca4
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.2ubuntu2_i386.deb
Size/MD5: 75590 c2d1d51370713ba3723dabdd6dcb2016
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.2ubuntu2_i386.deb
Size/MD5: 18752 ca2078842bcbaf8acf7ffd2a843ce0f5
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.2ubuntu2_powerpc.deb
Size/MD5: 476100 3eb73300997f91608237cdda1272a79c
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.2ubuntu2_powerpc.deb
Size/MD5: 108566 197afa15b66ea325cb0e1ae04e293258
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.2ubuntu2_powerpc.deb
Size/MD5: 83292 76d2ff890da1db655f5d4218685848dc
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.2ubuntu2_powerpc.deb
Size/MD5: 22452 697172c76dfab90ce18dc15860b7f1f3
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.2ubuntu2_sparc.deb
Size/MD5: 453812 4824f081ef3fff15fcb99560bf8aaa28
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.2ubuntu2_sparc.deb
Size/MD5: 99654 b62609e378e0aa989785fa26aff76f31
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.2ubuntu2_sparc.deb
Size/MD5: 80136 2e47b864c9d92f3e7be8bcfd7069f88b
http://security.ubuntu.com/ubuntu/pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.2ubuntu2_sparc.deb
Size/MD5: 18040 3d6ee8bce626b81d9099f601fcff4fe2
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists