[USN-769-1] libwmf vulnerability
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
Date: Mon, 04 May 2009 10:46:45 -0400
===========================================================
Ubuntu Security Notice USN-769-1 May 04, 2009
libwmf vulnerability
CVE-2009-1364
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libwmf0.2-7                     0.2.8.3-3.1ubuntu0.2

Ubuntu 8.04 LTS:
  libwmf0.2-7                     0.2.8.4-6ubuntu0.8.04.1

Ubuntu 8.10:
  libwmf0.2-7                     0.2.8.4-6ubuntu0.8.10.1

Ubuntu 9.04:
  libwmf0.2-7                     0.2.8.4-6ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:

Tavis Ormandy discovered that libwmf incorrectly used memory after it had
been freed when using its embedded GD library. If a user or automated
system were tricked into opening a crafted WMF file, an attacker could
cause a denial of service or execute arbitrary code with privileges of the
user invoking the program.