Bug#526434: libwmf: proposed debdiff to fix CVE-2009-1364

2009-05-06 Thread Giuseppe Iuculano
Hi,

I've prepared an NMU to fix CVE-2009-1364 in oldstable, stable, and unstable.

Proposed trivial debdiffs in attachment.

Cheers,
Giuseppe.
diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-2+etch1) oldstable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+(Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano giuse...@iuculano.it  Wed, 06 May 2009 09:33:49 +0200
+
 libwmf (0.2.8.4-2) unstable; urgency=high
 
   * src/player.c: Fix integer overflow vulnerability.  [CVE-2006-3376]
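Review bot: the new changelog entry does not say which file was changed, unlike the existing entry below it, which names src/player.c. Suggest wording along the lines of "src/extra/gd/gd_clip.c: store the gdRealloc result back into the clip list" so the entry can be matched against the one-line code change without opening the diff.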
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
{   more = gdRealloc (im-clip-list,(im-clip-max + 8) * sizeof 
(gdClipRectangle));
if (more == 0) return;
im-clip-max += 8;
+   im-clip-list = more;
}
im-clip-list[im-clip-count] = (*rect);
im-clip-count++;
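Review bot: on the `if (more == 0) return;` path the rectangle passed in is dropped without any signal to the caller, so a failed allocation silently changes what gets clipped. The added assignment itself is in the right place: it runs only after the null check, so on failure the old list pointer is left untouched. If the function's interface cannot change in a security upload, a comment at the early return stating that the clip rectangle is discarded would at least document the behaviour.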
diffstat for libwmf_0.2.8.4-6 libwmf_0.2.8.4-6+lenny1

 libwmf-0.2.8.4/debian/changelog |8 
 src/extra/gd/gd_clip.c  |1 +
 2 files changed, 9 insertions(+)

diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-6.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+(Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano giuse...@iuculano.it  Wed, 06 May 2009 09:19:49 +0200
+
 libwmf (0.2.8.4-6) unstable; urgency=low
 
   * Upload to unstable.
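Review bot: this changelog stanza is for 0.2.8.4-6.1 in unstable, but the diffstat header ahead of this debdiff reads "libwmf_0.2.8.4-6 libwmf_0.2.8.4-6+lenny1", the same label as the stable-security debdiff further down. Worth regenerating the debdiff against the actual 6.1 source package so the sponsor can tell which upload each attachment belongs to.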
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
{   more = gdRealloc (im-clip-list,(im-clip-max + 8) * sizeof 
(gdClipRectangle));
if (more == 0) return;
im-clip-max += 8;
+   im-clip-list = more;
}
im-clip-list[im-clip-count] = (*rect);
im-clip-count++;
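Review bot: the size passed to gdRealloc, `(im-clip-max + 8) * sizeof (gdClipRectangle)`, is computed without an overflow check, and this hunk leaves that as is. Whether the capacity can grow large enough to matter is not visible from these lines; if the number of clip rectangles is driven by input data, a bound on it before the multiplication would be a sensible follow-up, separate from this minimal fix.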
diffstat for libwmf_0.2.8.4-6 libwmf_0.2.8.4-6+lenny1

 libwmf-0.2.8.4/debian/changelog |8 
 src/extra/gd/gd_clip.c  |1 +
 2 files changed, 9 insertions(+)

diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-6+lenny1) stable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+(Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano giuse...@iuculano.it  Wed, 06 May 2009 09:19:49 +0200
+
 libwmf (0.2.8.4-6) unstable; urgency=low
 
   * Upload to unstable.
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
{   more = gdRealloc (im-clip-list,(im-clip-max + 8) * sizeof 
(gdClipRectangle));
if (more == 0) return;
im-clip-max += 8;
+   im-clip-list = more;
}
im-clip-list[im-clip-count] = (*rect);
im-clip-count++;



2009-05-06 Thread Nico Golde
Hi,
* Giuseppe Iuculano giuse...@iuculano.it [2009-05-06 13:14]:
> I've prepared an NMU to fix CVE-2009-1364 in oldstable, stable, and unstable.
>
> Proposed trivial debdiffs in attachment.

No need for stable, I already prepared fixed packages. For 
unstable I'm going to sponsor your NMU now.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.