Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 1912-1] New camlimages fix arbitrary code execution (1/

From Steffen Joeris@1:229/2 to All on Fri Oct 16 12:40:01 2009

From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------ Debian Security Advisory DSA-1912-1 [email protected] http://www.debian.org/security/ Steffen Joeris
October 16, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : camlimages
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE Ids : CVE-2009-3296 CVE-2009-2660

It was discovered that CamlImages, an open source image processing
library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code
execution. This advisory addresses issues with the reading of TIFF
files. It also expands the patch for CVE-2009-2660 to cover another
potential overflow in the processing of JPEG images.

For the oldstable distribution (etch), this problem has been fixed in
version 2.20-8+etch3.

For the stable distribution (lenny), this problem has been fixed in
version 1:2.2.0-4+lenny3.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your camlimages package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20-8+etch3.dsc
Size/MD5 checksum: 1545 1170baf359b7ca7bd0490a4482e2cdcd
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20-8+etch3.diff.gz
Size/MD5 checksum: 9758 0c6c814cf06b854f2078747d166d714f
http://security.debian.org/pool/updates/main/c/camlimages/camlimages_2.20.orig.tar.gz
Size/MD5 checksum: 1385525 d933eb58c7983f70b1a000fa01893aa4

Architecture independent packages:

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-doc_2.20-8+etch3_all.deb
Size/MD5 checksum: 598648 ee530d7dc14ff4250358f7354fc4a8a1

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_alpha.deb
Size/MD5 checksum: 1024484 72e9aea9c06f1ae264d70d1f7a6c85d2
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_alpha.deb
Size/MD5 checksum: 29570 eaa6ec5925c36acc5a155c72c7f29b01

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_amd64.deb
Size/MD5 checksum: 872188 24f06eda9f7ca39b28b25932981b4cda
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_amd64.deb
Size/MD5 checksum: 28126 7d3cf0404d52d005103206dd7f30aa8a

arm architecture (ARM)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_arm.deb
Size/MD5 checksum: 26196 6c735d474717b7025b1b594bf515a2de
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_arm.deb
Size/MD5 checksum: 880106 7e9b0c0b13949b71f1a23010f5ef68c8

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_hppa.deb
Size/MD5 checksum: 30408 6c6afd274d1f944887d318394efe1dc2
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_hppa.deb
Size/MD5 checksum: 483264 1f1f707859dca186cc518241390f6b84

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_i386.deb
Size/MD5 checksum: 24670 01ed837cea61b5fd6143edaede81636c
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_i386.deb
Size/MD5 checksum: 845016 a2a7c9d64df8e2be8933ff994c9ace7e

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_ia64.deb
Size/MD5 checksum: 1102148 001cb473b718078fbe7186f7e772633e
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_ia64.deb
Size/MD5 checksum: 36800 d877b308032849966a1f6cb5c2a00b6a

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_mips.deb
Size/MD5 checksum: 428882 bd86f4f9c1158b4776008370b41be622
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_mips.deb
Size/MD5 checksum: 25790 de5ac9debe1bb1348b951cb9f1dfd388

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_mipsel.deb
Size/MD5 checksum: 25834 768d6a896e11ae46e179f35190995f57
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_mipsel.deb
Size/MD5 checksum: 428224 58c7839e5389a64094606de277d087ba

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_powerpc.deb
Size/MD5 checksum: 895248 43b16604d6881ab4804f94456048a48a
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_powerpc.deb
Size/MD5 checksum: 32570 f1af72abb55c3e32f9ae222bdfc22056

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml_2.20-8+etch3_sparc.deb
Size/MD5 checksum: 25030 210e8127fb4036a1f1992e07d2157352
http://security.debian.org/pool/updates/main/c/camlimages/libcamlimages-ocaml-dev_2.20-8+etch3_sparc.deb
Size/MD5 checksum: 935978 15ef02c3ce9d7459f8671312167549e0

Debian GNU/Linux 5.0 alias lenny

[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

Who's Online
Recent Visitors
- Ab Cadd
  Sat Jun 6 15:42:53 2026
  from Sheboygan, Wi via Telnet
- Centurion
  Sat Jun 6 15:32:28 2026
  from Berea, Ohio via Telnet
- Krenn
  Sat Jun 6 11:38:56 2026
  from Sydney, Nsw via Telnet
- Furryboy
  Sat Jun 6 10:56:29 2026
  from Romania, Galati via SSH
- Centurion
  Fri Jun 5 22:28:01 2026
  from Berea, Ohio via Telnet
- Ab Cadd
  Fri Jun 5 17:52:51 2026
  from Sheboygan, Wi via Telnet
- Gwylbert
  Fri Jun 5 06:28:52 2026
  from Sydney, Nsw via Telnet
- Centurion
  Thu Jun 4 23:42:23 2026
  from Berea, Ohio via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (2 / 14)
Uptime:	153:41:34
Calls:	12,091
Calls today:	4
Files:	15,000
Messages:	6,517,669

[SECURITY] [DSA 1912-1] New camlimages fix arbitrary code execution (1/

Who's Online

Recent Visitors

System Info