lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <1241448405.6379.4.camel@mdlinux.technorage.com>
Date: Mon, 04 May 2009 10:46:45 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-769-1] libwmf vulnerability

===========================================================
Ubuntu Security Notice USN-769-1               May 04, 2009
libwmf vulnerability
CVE-2009-1364
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libwmf0.2-7                     0.2.8.3-3.1ubuntu0.2

Ubuntu 8.04 LTS:
  libwmf0.2-7                     0.2.8.4-6ubuntu0.8.04.1

Ubuntu 8.10:
  libwmf0.2-7                     0.2.8.4-6ubuntu0.8.10.1

Ubuntu 9.04:
  libwmf0.2-7                     0.2.8.4-6ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Tavis Ormandy discovered that libwmf incorrectly used memory after it had
been freed when using its embedded GD library. If a user or automated
system were tricked into opening a crafted WMF file, an attacker could
cause a denial of service or execute arbitrary code with privileges of the
user invoking the program.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-3.1ubuntu0.2.diff.gz
      Size/MD5:     7548 1693ed2495751dcd73fc8e7831e0f7b3
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-3.1ubuntu0.2.dsc
      Size/MD5:      793 2ddea51c8941c40224ecbf1be95acbc7
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3.orig.tar.gz
      Size/MD5:  1737021 c7246bb724664189ade7895547387e6a

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.8.3-3.1ubuntu0.2_all.deb
      Size/MD5:   271716 96e8d4db4814825634dd6405cd32e661

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.3-3.1ubuntu0.2_amd64.deb
      Size/MD5:   207388 b9592ee21a871f90c618ccb4e309fceb
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.3-3.1ubuntu0.2_amd64.deb
      Size/MD5:   182416 d8d8bf445c26d45277150e63f3e07e0f
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.3-3.1ubuntu0.2_amd64.deb
      Size/MD5:    17944 4dd4b1fcd5e2cf58edd55559261a8893

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.3-3.1ubuntu0.2_i386.deb
      Size/MD5:   186190 b50a22929e5c58d64dddfd1dc5759c35
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.3-3.1ubuntu0.2_i386.deb
      Size/MD5:   167294 8eb6710e251969c670919faf0ac0d316
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.3-3.1ubuntu0.2_i386.deb
      Size/MD5:    16286 ac1b771cbab2ec97903515fcc0d502ef

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.3-3.1ubuntu0.2_powerpc.deb
      Size/MD5:   207382 17861a22d0b851f3ae565050d6b5f944
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.3-3.1ubuntu0.2_powerpc.deb
      Size/MD5:   186342 1cdc9f3177873d0991df70dd94274164
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.3-3.1ubuntu0.2_powerpc.deb
      Size/MD5:    23136 1f88bd61ca71dc25c811eb87019e5318

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.3-3.1ubuntu0.2_sparc.deb
      Size/MD5:   202306 36a414f896e6b9c0cd85fb80adcdc3a2
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.3-3.1ubuntu0.2_sparc.deb
      Size/MD5:   176046 ea143767a8b47e38c705d7f63514eb38
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.3-3.1ubuntu0.2_sparc.deb
      Size/MD5:    17062 ba9845b780219b6280d245df9871dcae

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu0.8.04.1.diff.gz
      Size/MD5:     7945 db9719db8b4185a2dc1dfd9c7502a840
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu0.8.04.1.dsc
      Size/MD5:      897 aa5a40fac6d3a20e262b676a6ffb9905
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4.orig.tar.gz
      Size/MD5:  2169375 d1177739bf1ceb07f57421f0cee191e0

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.8.4-6ubuntu0.8.04.1_all.deb
      Size/MD5:   271782 067cc55b9a443ccb54640265c83d2713

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.04.1_amd64.deb
      Size/MD5:   204758 8d00854e0f547a1ba43a6273d989753e
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.04.1_amd64.deb
      Size/MD5:   182500 8f982b8f49392e464d8ee6dfcf5c7d45
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.04.1_amd64.deb
      Size/MD5:    18628 8bd56a6e3c735459894df6d35cca5069

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.04.1_i386.deb
      Size/MD5:   190508 8719abb2577f1e835809901d278a1cc3
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.04.1_i386.deb
      Size/MD5:   174632 f0c237795563bc56e93a30b2420be5d8
    http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.04.1_i386.deb
      Size/MD5:    16854 51f4fa4bdea92af7adc8414d77c4f940

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.04.1_lpia.deb
      Size/MD5:   190544 0be66144da34d745b6a205e39acf6b8d
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.04.1_lpia.deb
      Size/MD5:   175152 6e321d7e9535b094a49cda9cca39cd98
    http://ports.ubuntu.com/pool/universe/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.04.1_lpia.deb
      Size/MD5:    16912 4ff571582af7b37e8bbf69c410e174e4

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.04.1_powerpc.deb
      Size/MD5:   208426 3f9a023a87a4b83cb773892caabd0995
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.04.1_powerpc.deb
      Size/MD5:   193284 53296daa6fee0c24910bccf542aeab5c
    http://ports.ubuntu.com/pool/universe/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.04.1_powerpc.deb
      Size/MD5:    26614 d5f2e2ba285723762a04276cdd7788bf

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.04.1_sparc.deb
      Size/MD5:   198188 541e5763f6b8c93e5c7fd3ad4c5036dd
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.04.1_sparc.deb
      Size/MD5:   174884 3a7230c7e0a3ee6c4d338bbbfc51b8d6
    http://ports.ubuntu.com/pool/universe/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.04.1_sparc.deb
      Size/MD5:    18216 9a1750b1705281550cc63b12263122eb

Updated packages for Ubuntu 8.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu0.8.10.1.diff.gz
      Size/MD5:     7947 3d9209546d67ea082b3f0bbfed1eda90
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu0.8.10.1.dsc
      Size/MD5:     1307 8e55c1cd1eebccde6dddbe717edbea01
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4.orig.tar.gz
      Size/MD5:  2169375 d1177739bf1ceb07f57421f0cee191e0

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.8.4-6ubuntu0.8.10.1_all.deb
      Size/MD5:   271786 3ca10a1afb13e2c4869b3a61ccca2f9c

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.10.1_amd64.deb
      Size/MD5:    18226 3ff0320cac60266fbede66a12d94e722
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.10.1_amd64.deb
      Size/MD5:   207528 c8080917e04e780dcb7949b942315fcf
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.10.1_amd64.deb
      Size/MD5:   185396 dd4b18c6101536755ec2059fa9ace7d7

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.10.1_i386.deb
      Size/MD5:    16320 3e4ea0e6701bb7c1b361f400a197789e
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.10.1_i386.deb
      Size/MD5:   191792 7f2520ac7a4df757be3fac75aa1f8b3d
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.10.1_i386.deb
      Size/MD5:   175384 0688b920531b4bc30622df181049a969

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.10.1_lpia.deb
      Size/MD5:    16296 3ab52a223003ac3f1f75b15bbe94c2c7
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.10.1_lpia.deb
      Size/MD5:   192812 2c3bb8fdd898b2ea244835aac37bf91e
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.10.1_lpia.deb
      Size/MD5:   175724 8a8a91ff084707ffc2c188ed82abaf9b

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.10.1_powerpc.deb
      Size/MD5:    24438 dea1c25c5743967ac2e9bc720a5b53d0
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.10.1_powerpc.deb
      Size/MD5:   210326 c972df4317570606da04f5037669f69d
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.10.1_powerpc.deb
      Size/MD5:   195412 bf27b10058ad33b9d7070cecfd10cc9a

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu0.8.10.1_sparc.deb
      Size/MD5:    18292 312e37cc9675e1c5ce1982b0d3d9c2f0
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu0.8.10.1_sparc.deb
      Size/MD5:   201314 2fc36c07e6f7a7bb9412b814d79c3e09
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu0.8.10.1_sparc.deb
      Size/MD5:   176600 f078e4b862815fff7c26dfd3c952af3b

Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu1.1.diff.gz
      Size/MD5:     8054 75778c8b1637e8105a7d57c22f10fb1d
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4-6ubuntu1.1.dsc
      Size/MD5:     1304 73331bc4957b531fa309e4defaaa61e8
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.4.orig.tar.gz
      Size/MD5:  2169375 d1177739bf1ceb07f57421f0cee191e0

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.8.4-6ubuntu1.1_all.deb
      Size/MD5:   271766 85012965dbe448e39dbd770149873231

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu1.1_amd64.deb
      Size/MD5:    18224 9dabf870549fe87e2a07a0c5169ef858
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu1.1_amd64.deb
      Size/MD5:   207486 953705c1d863cfb6e35d26cb8f14c9ee
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7-gtk_0.2.8.4-6ubuntu1.1_amd64.deb
      Size/MD5:    20924 1176ff52c290e7e6237416b3f8f11d53
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu1.1_amd64.deb
      Size/MD5:   182256 b9e6cdd69feb940940d2913d73b9beb9

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu1.1_i386.deb
      Size/MD5:    16326 6dd791cdcf2a5e80231d7175c82dc0fe
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu1.1_i386.deb
      Size/MD5:   191744 e5ecc9eab79e93ec0a8cac1662367a9c
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7-gtk_0.2.8.4-6ubuntu1.1_i386.deb
      Size/MD5:    20688 43cdff77db7b69642d3f30b3eea62f3b
    http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu1.1_i386.deb
      Size/MD5:   172432 06df097a479c63b16c5e2d3055e1b9f4

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu1.1_lpia.deb
      Size/MD5:    16286 b6a14684d53478a10c5d5806bf9c4510
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu1.1_lpia.deb
      Size/MD5:   192746 7955ed46b6fd5016da6cdaee7f9f3a2a
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7-gtk_0.2.8.4-6ubuntu1.1_lpia.deb
      Size/MD5:    20602 8cd2b29d7615c83af5f11cd37d880cdc
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu1.1_lpia.deb
      Size/MD5:   172836 81098a45b48473a75c485c184d9598c0

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu1.1_powerpc.deb
      Size/MD5:    24434 3f8a54144a10505439d5aade24cf0b23
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu1.1_powerpc.deb
      Size/MD5:   210282 7b74e82b61c5d893090d2ed2086104a6
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7-gtk_0.2.8.4-6ubuntu1.1_powerpc.deb
      Size/MD5:    23020 65e66a2944b5d0e0837d1a4c23e06ff6
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu1.1_powerpc.deb
      Size/MD5:   190446 2882b245d28ea23d20e25fad7b0757e1

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-bin_0.2.8.4-6ubuntu1.1_sparc.deb
      Size/MD5:    18302 5abf22e780e2c61d4c9e0ad14b0f9673
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf-dev_0.2.8.4-6ubuntu1.1_sparc.deb
      Size/MD5:   201282 e2933a793e52b2e4e70dff1b8c8d5cdb
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7-gtk_0.2.8.4-6ubuntu1.1_sparc.deb
      Size/MD5:    20586 170e140a012c02e8558cc0af5f240210
    http://ports.ubuntu.com/pool/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6ubuntu1.1_sparc.deb
      Size/MD5:   173658 1eff93e12e2af48c8b2c38507c22371a



Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ