USN-333-1: libwmf vulnerability
Posted on: 08/09/2006 12:22 PM

A new libwmf vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-333-1 August 09, 2006
libwmf vulnerability
CVE-2006-3376
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libwmf0.2-7 0.2.8-1.1ubuntu0.1

Ubuntu 5.10:
libwmf0.2-7 0.2.8.3-2ubuntu0.1

Ubuntu 6.06 LTS:
libwmf0.2-7 0.2.8.3-3.1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

An integer overflow was found in the handling of the MaxRecordSize
field in the WMF header parser. By tricking a user into opening a
specially crafted WMF image file with an application that uses this
library, an attacker could exploit this to execute arbitrary code with
the user's privileges.


Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8-1.=
1ubuntu0.1.diff.gz
Size/MD5: 5304 e7805fbd610d936cfd64a4ad5529d604
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8-1.=
1ubuntu0.1.dsc
Size/MD5: 699 b38be3ecef264877a0a8aa57a3ef369f
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.or=
ig.tar.gz
Size/MD5: 1620489 269fb225cd44f40cc877fb6c63706112

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.=
8-1.1ubuntu0.1_all.deb
Size/MD5: 271748 8ab9644a6b59216b32c4669b8fd1d08d

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8-1.1ubuntu0.1_amd64.deb
Size/MD5: 20734 0423e72e4668c7c706e31591e751db7d
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8-1.1ubuntu0.1_amd64.deb
Size/MD5: 204060 acfd872c6e935d9df25e055ceb4b1cf3
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8-1.1ubuntu0.1_amd64.deb
Size/MD5: 174006 85eab7d6300451d9cb0a05f3b0b0955f

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8-1.1ubuntu0.1_i386.deb
Size/MD5: 18732 ff99549d18b4f31a21522e042d87bba6
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8-1.1ubuntu0.1_i386.deb
Size/MD5: 190000 0c037a6a429249d2e95f92152cce6233
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8-1.1ubuntu0.1_i386.deb
Size/MD5: 164928 e8aa9895eedcf46955a21a5b7114895c

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8-1.1ubuntu0.1_powerpc.deb
Size/MD5: 25900 4018e7b12756dd292734e06641d9c215
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8-1.1ubuntu0.1_powerpc.deb
Size/MD5: 208320 8445f174ede961f90c0634e786d3d549
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8-1.1ubuntu0.1_powerpc.deb
Size/MD5: 178750 b0db830818c196f815c0d26f161a7141

Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-=
2ubuntu0.1.diff.gz
Size/MD5: 7142 f60eca63b5d87fdfb5fd70a20a799122
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-=
2ubuntu0.1.dsc
Size/MD5: 788 4fab72640e6cbc31616d80e9ff1efb5d
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3.=
orig.tar.gz
Size/MD5: 1737021 c7246bb724664189ade7895547387e6a

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.=
8.3-2ubuntu0.1_all.deb
Size/MD5: 271728 f1022f283d9cdd656521f8bd1f001337

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-2ubuntu0.1_amd64.deb
Size/MD5: 15452 6aacb2892e64bc40eaa73cce7bf6106a
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-2ubuntu0.1_amd64.deb
Size/MD5: 197976 d3006052733be31d47830d2f31d3cea8
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-2ubuntu0.1_amd64.deb
Size/MD5: 174604 e96c6f24abd2c42103118329ac843dd2

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-2ubuntu0.1_i386.deb
Size/MD5: 13944 7a000303b7b8b9848dc84c448832462b
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-2ubuntu0.1_i386.deb
Size/MD5: 178664 f0287b3bd1ef0211760f25f3776271ba
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-2ubuntu0.1_i386.deb
Size/MD5: 159446 c53a29f7446d173ad15ab336901c216d

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-2ubuntu0.1_powerpc.deb
Size/MD5: 19682 68ed2e16fec205e4afe66fee41aedceb
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-2ubuntu0.1_powerpc.deb
Size/MD5: 198396 8217bfc3dbd8add5ec7f10072b7064da
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-2ubuntu0.1_powerpc.deb
Size/MD5: 178588 31bd92a0662e02d7561c6bfe62942021

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-2ubuntu0.1_sparc.deb
Size/MD5: 14736 1440557ccc8d651710a479fa52ddf43f
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-2ubuntu0.1_sparc.deb
Size/MD5: 193558 b43e73a341c099675ad0f5854708f1f1
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-2ubuntu0.1_sparc.deb
Size/MD5: 167780 318f0310c891fbb97d7f66f3feb6bd89

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-=
3.1ubuntu0.1.diff.gz
Size/MD5: 7333 f521b721712b0ab752beebfcacbc2bca
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3-=
3.1ubuntu0.1.dsc
Size/MD5: 787 ba7f7d57497ed05232a1ee2e335136a6
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf_0.2.8.3.=
orig.tar.gz
Size/MD5: 1737021 c7246bb724664189ade7895547387e6a

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-doc_0.2.=
8.3-3.1ubuntu0.1_all.deb
Size/MD5: 271718 965951077a2c870395a0b7ac95bd079a

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-3.1ubuntu0.1_amd64.deb
Size/MD5: 17938 20f0cc89d3269a20acc92a186e136cb5
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-3.1ubuntu0.1_amd64.deb
Size/MD5: 207380 3e6194a937189c03f9cd3920c9d2625e
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-3.1ubuntu0.1_amd64.deb
Size/MD5: 182314 49375dc6d7673b40fc18a36e3fb18bd4

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-3.1ubuntu0.1_i386.deb
Size/MD5: 16282 d764d015b1b6d54226ea7462c6cc46e8
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-3.1ubuntu0.1_i386.deb
Size/MD5: 186178 aa417806aabee6b99cc006d51c9432d6
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-3.1ubuntu0.1_i386.deb
Size/MD5: 167174 35ffec3f86bf13c3cc78a56a3e6b3f66

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-3.1ubuntu0.1_powerpc.deb
Size/MD5: 23138 bc6dcaf6487a7a37387588464aa7145c
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-3.1ubuntu0.1_powerpc.deb
Size/MD5: 207374 a58e4fd73d7fda4a0c0ded54a41aee84
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-3.1ubuntu0.1_powerpc.deb
Size/MD5: 186184 ef834ca675034ea667e96dbb2b833ee0

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/libw/libwmf/libwmf-bin_=
0.2.8.3-3.1ubuntu0.1_sparc.deb
Size/MD5: 17060 9b46ecdd77450c7ca65155336e27a01b
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf-dev_0.2.=
8.3-3.1ubuntu0.1_sparc.deb
Size/MD5: 202286 e83a995ff9afc034ce1fad2c233c41e7
http://security.ubuntu.com/ubuntu/pool/main/libw/libwmf/libwmf0.2-7_0.2=
=2E8.3-3.1ubuntu0.1_sparc.deb
Size/MD5: 175900 66ee4f8648d68321a6f8e2ed72ab957e

--1UWUbFP1cBYEclgG
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE2aeBDecnbV4Fd/IRAv8cAKCVTuQ91QxpoknOTjGR007rRThFKgCg5sDI
Xun9FCHqhQAUL6uyt8yYwAE=
=9nHA
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_333_1_libwmf_vulnerability.html)