From: [email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA-1796-1                       [email protected]
http://www.debian.org/security/                                Nico Golde
April 7th, 2009                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : libwmf
Vulnerability : pointer use-after-free
Problem type : local (remote)
Debian-specific: no
Debian bug : 526434
CVE ID : CVE-2009-1364
Tavis Ormandy discovered that the embedded GD library copy in libwmf,
a library to parse Windows metafiles (WMF), makes use of a pointer
after it was already freed. An attacker using a crafted WMF file can
cause a denial of service or possibly execute arbitrary code via
applications using this library.
For the oldstable distribution (etch), this problem has been fixed in
version 0.2.8.4-2+etch1.
For the stable distribution (lenny), this problem has been fixed in
version 0.2.8.4-6+lenny1.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 0.2.8.4-6.1.
We recommend that you upgrade your libwmf packages.
Upgrade instructions
- --------------------
wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]