[USN-604-1] Gnumeric vulnerability
Date: Mon, 21 Apr 2008 20:30:13 -0700
From: Kees Cook <kees@ubuntu.com.>
To: [email protected]
Subject: [USN-604-1] Gnumeric vulnerability
Message-ID: <20080422033013.GO18865@outflux.net.>
Organization: Ubuntu
===========================================================
Ubuntu Security Notice USN-604-1 April 22, 2008
gnumeric vulnerability
CVE-2008-0668
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gnumeric 1.6.3-0ubuntu4.1

Ubuntu 6.10:
  gnumeric 1.7.0-1ubuntu4.1

Ubuntu 7.04:
  gnumeric 1.7.8-0ubuntu1.1

Ubuntu 7.10:
  gnumeric 1.7.11-1ubuntu3.1

After a standard system upgrade you need to restart gnumeric to effect
the necessary changes.

Details follow:

Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet
handling code in Gnumeric did not correctly calculate needed memory sizes.
If a user or automated system were tricked into loading a specially crafted
XLS document, a remote attacker could execute arbitrary code with user
privileges.

Updated packages for Ubuntu 6.06 LTS:
Updated packages for Ubuntu 6.10:
Updated packages for Ubuntu 7.04:
Updated packages for Ubuntu 7.10: