English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 126339 CVE Beschreibungen
und 74190 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1796-1                    security@debian.org
http://www.debian.org/security/                                 Nico Golde
April 7th, 2009                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : libwmf
Vulnerability  : pointer use-after-free
Problem type   : local (remote)
Debian-specific: no
Debian bug     : 526434
CVE ID         : CVE-2009-1364


Tavis Ormandy discovered that the embedded GD library copy in libwmf,
a library to parse windows metafiles (WMF), makes use of a pointer
after it was already freed.  An attacker using a crafted WMF file can
cause a denial of service or possibly the execute arbitrary code via
applications using this library.


For the oldstable distribution (etch), this problem has been fixed in
version 0.2.8.4-2+etch1.

For the stable distribution (lenny), this problem has been fixed in
version 0.2.8.4-6+lenny1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 0.2.8.4-6.1.


We recommend that you upgrade your libwmf packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4-2+etch1.diff.gz
    Size/MD5 checksum:     7644 2b4fed248a00761fd52d0121b1a85bc3
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4-2+etch1.dsc
    Size/MD5 checksum:      777 3cee5266c519e54d0da6af8e7bfce4fb
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4.orig.tar.gz
    Size/MD5 checksum:  2169375 d1177739bf1ceb07f57421f0cee191e0

Architecture independent packages:

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-doc_0.2.8.4-2+etch1_all.deb
    Size/MD5 checksum:   285000 dad2e5a29f12e8eb1044aa0e8711f9ca

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_alpha.deb
    Size/MD5 checksum:    20778 cb687c76275147f88647cc66432c7e19
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_alpha.deb
    Size/MD5 checksum:   266074 b339918318e45eb257f17a118189ce84
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_alpha.deb
    Size/MD5 checksum:   202096 d17c7648e7a36c487cc350a2337a9895

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_amd64.deb
    Size/MD5 checksum:    18236 c297e08f3ef5b051539e953e86c079ef
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_amd64.deb
    Size/MD5 checksum:   181534 84d6098d1c8664b140af1133a2131a21
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_amd64.deb
    Size/MD5 checksum:   207970 38bb87b9709162127b1781f1f94faabd

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_arm.deb
    Size/MD5 checksum:    17282 babef9667a9f4b08caefd35768a3a46d
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_arm.deb
    Size/MD5 checksum:   193728 e746d7645a15cd86949b100cdf45b40d
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_arm.deb
    Size/MD5 checksum:   171004 5a3619cbce2f2a5c372b95264b89deeb

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_hppa.deb
    Size/MD5 checksum:   233692 cd29f5b00baf76ff13024fbb86f6d9e3
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_hppa.deb
    Size/MD5 checksum:   199222 8065d7a00098dc8369db734a05b9c17f
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_hppa.deb
    Size/MD5 checksum:    20012 248ff058981781eb05dd840e267be350

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_i386.deb
    Size/MD5 checksum:    16972 6c9b82eb6ec8bae312e3b9560287f128
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_i386.deb
    Size/MD5 checksum:   173774 574bd6bfae2c31dd6b327adbc3f8198e
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_i386.deb
    Size/MD5 checksum:   196458 fd9303e305f980531f7189bde27cf9d2

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_ia64.deb
    Size/MD5 checksum:   302452 52a71013e006a01c8c9fa9812dcbbce8
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_ia64.deb
    Size/MD5 checksum:    26150 8d4c7ca669c634d5a4a0c038f603f8b8
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_ia64.deb
    Size/MD5 checksum:   264844 21f1ff094fd730d04e7e2b4377b874f6

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_mips.deb
    Size/MD5 checksum:   229336 d52a35cbfe9b5bc6791f43b894f6bda8
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_mips.deb
    Size/MD5 checksum:   176096 5dc5d4b8417ddcdca85ccac83c7072ef
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_mips.deb
    Size/MD5 checksum:    18994 80122014dde275e45efb64b4451603e8

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_powerpc.deb
    Size/MD5 checksum:   186686 bce7bb5a7b7a8d6593a4273d2e3e4c7b
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_powerpc.deb
    Size/MD5 checksum:   207140 10bbafbc62f653e29b2f8c88bbdd9b02
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_powerpc.deb
    Size/MD5 checksum:    22900 543ae9e4df3d297121f899b634636713

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_s390.deb
    Size/MD5 checksum:    18116 1206f23d337f638a7bf405fae7f9a7a1
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_s390.deb
    Size/MD5 checksum:   203422 4d8465b694e76c2b5a58d3787b4914c6
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_s390.deb
    Size/MD5 checksum:   183234 639d7e103590d7688224d9f5502126b0

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-2+etch1_sparc.deb
    Size/MD5 checksum:   173576 4d7b14354b5c143ed4fa096bbcb1a752
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-2+etch1_sparc.deb
    Size/MD5 checksum:   203976 f319ee7010a0efd187db5023359a8beb
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-2+etch1_sparc.deb
    Size/MD5 checksum:    17268 bb5de5301730ce0cd417e6e945838512


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4-6+lenny1.diff.gz
    Size/MD5 checksum:     7894 4f82263c3909e9b63e0cbc7ed10e997d
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4.orig.tar.gz
    Size/MD5 checksum:  2169375 d1177739bf1ceb07f57421f0cee191e0
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf_0.2.8.4-6+lenny1.dsc
    Size/MD5 checksum:     1195 ca8aa8b0ca3a03408032af1ff3882569

Architecture independent packages:

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-doc_0.2.8.4-6+lenny1_all.deb
    Size/MD5 checksum:   285920 c5388d928771785efcbf9cecb6c589a1

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_alpha.deb
    Size/MD5 checksum:    20598 d06f257a8d9ac39374bd69327bb44856
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_alpha.deb
    Size/MD5 checksum:   263434 8daea32a448767b08e888f051dcc95f7
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_alpha.deb
    Size/MD5 checksum:   203738 e9ac47fa10381c5510c5ace60b920c1a

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_amd64.deb
    Size/MD5 checksum:    18992 49529a2273c18658ed927016b33e0ff5
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_amd64.deb
    Size/MD5 checksum:   186908 79c5cf0608709bb8a8e52547a050e94c
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_amd64.deb
    Size/MD5 checksum:   210036 b933a8713fee44409613401692602bc9

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_arm.deb
    Size/MD5 checksum:    16936 de40799cfcd047a65470c67d90c99996
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_arm.deb
    Size/MD5 checksum:   173436 7ac2f9516551b7e87c58e9b3c90c4aae
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_arm.deb
    Size/MD5 checksum:   193904 70ff03d5f3353a7921b9e64a7d575865

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_armel.deb
    Size/MD5 checksum:   181438 af85015b825f8ff0afe5013b9198f612
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_armel.deb
    Size/MD5 checksum:    18334 5b6ebb4cf15385f5ee4cb5994ceca5e0
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_armel.deb
    Size/MD5 checksum:   199168 ac0f164a3f1cb5773351026db81c3b4a

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_hppa.deb
    Size/MD5 checksum:    19770 3bef399e7872f710e425bd4f9e4327a6
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_hppa.deb
    Size/MD5 checksum:   201662 faf3930f62f1e8040b98df980e011b57
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_hppa.deb
    Size/MD5 checksum:   236120 f92e57dfc0f888949f2d54f6ee9687a1

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_i386.deb
    Size/MD5 checksum:   176452 a70ddf1417312c0acad56e05403b8875
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_i386.deb
    Size/MD5 checksum:   194024 f3d7fb16b81a8df01eccb01dfce91cc4
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_i386.deb
    Size/MD5 checksum:    16928 572efd6f96ec0aad181fea0ba46e96f2

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_ia64.deb
    Size/MD5 checksum:    25766 6dc665e9ced6a39c279eb93abcf1469f
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_ia64.deb
    Size/MD5 checksum:   304474 60d47ed04099d9128c255097536b59fd
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_ia64.deb
    Size/MD5 checksum:   270232 6e92952dc90896353b46392f2a5d0edb

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_mips.deb
    Size/MD5 checksum:    18192 c962575a11e80c524148034e335c02b3
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_mips.deb
    Size/MD5 checksum:   229846 23e8811e367af817997a8dc2c87f45c7
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_mips.deb
    Size/MD5 checksum:   179160 907f41074981099e5b970ba373770483

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_mipsel.deb
    Size/MD5 checksum:   223738 d719ba660f5a356e982fd173f51bcf73
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_mipsel.deb
    Size/MD5 checksum:    17854 8f1b053ebe04427d7ecdbad974865302
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_mipsel.deb
    Size/MD5 checksum:   180004 4effa6b4a227d70e574106d88150660d

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_powerpc.deb
    Size/MD5 checksum:   214354 e7433c7790e0b0456c415d84c9dd7cd2
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_powerpc.deb
    Size/MD5 checksum:    27392 7282af7c836ee8c2339e48f04885e955
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_powerpc.deb
    Size/MD5 checksum:   196128 61d4022bd0ac9028e6fac9b8521a3fd3

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_s390.deb
    Size/MD5 checksum:   203604 6195247347970250b62101f6b798409b
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_s390.deb
    Size/MD5 checksum:    18624 3c2be19a55bb550e1a6383b93f0eda9e
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_s390.deb
    Size/MD5 checksum:   186986 17b24ed61aea2f6153f700378d512e02

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf0.2-7_0.2.8.4-6+lenny1_sparc.deb
    Size/MD5 checksum:   177318 02b2b31bb88340a03e58ad679370e3aa
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-dev_0.2.8.4-6+lenny1_sparc.deb
    Size/MD5 checksum:   200278 9e0041b2d3b87acfbcf9fd1790677859
  http://security.debian.org/pool/updates/main/libw/libwmf/libwmf-bin_0.2.8.4-6+lenny1_sparc.deb
    Size/MD5 checksum:    17748 5f0f3860c1af2bba8e6a77cb9ed67cca


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoDCo0ACgkQHYflSXNkfP8TYgCfT4n7imxW2vBRC1vCFgz/AB3+
lv8AoKrcIB/i5m/JAsssjkDLkr1GH8v8
=om0D
-----END PGP SIGNATURE-----

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Developer APIs | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde

© 1998-2019 E-Soft Inc. Alle Rechte vorbehalten.