Date: 05 August 2009
References: ESB-2009.1140
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2009.1130
New libmodplug packages fix arbitrary code execution
5 August 2009
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libmodplug
Publisher: Debian
Operating System: Debian GNU/Linux 4
Debian GNU/Linux 5
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2009-1513 CVE-2009-1438
Original Bulletin:
http://www.debian.org/security/2009/dsa-1850
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running libmodplug check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1850-1 security@debian.org
http://www.debian.org/security/ Steffen Joeris
August 04, 2009 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : libmodplug
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE Ids : CVE-2009-1438 CVE-2009-1513
Debian Bugs : 526657 527076 526084
Several vulnerabilities have been discovered in libmodplug, the shared
libraries for mod music based on ModPlug. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2009-1438
It was discovered that libmodplug is prone to an integer overflow when
processing a MED file with a crafted song comment or song name.
CVE-2009-1513
It was discovered that libmodplug is prone to a buffer overflow in the
PATinst function, when processing a long instrument name.
For the stable distribution (lenny), these problems have been fixed in
version 1:0.8.4-1+lenny1.
For the oldstable distribution (etch), these problems have been fixed in
version 1:0.7-5.2+etch1.
For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 1:0.8.7-1.
We recommend that you upgrade your libmodplug packages.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Debian (oldstable)
- - ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.7.orig.tar.gz
Size/MD5 checksum: 329398 b6e7412f90cdd4a27a2dd3de94909905
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.7-5.2+etch1.diff.gz
Size/MD5 checksum: 8039 bbab9bd58551171e2e06667a34c142c6
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.7-5.2+etch1.dsc
Size/MD5 checksum: 639 d1038e62643d55d6f828cf35b79de0b8
Architecture independent packages:
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug-dev_0.7-5.2+etch1_all.deb
Size/MD5 checksum: 22662 4f1054f141eed8596aef8c3ee9cb53e0
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_alpha.deb
Size/MD5 checksum: 164658 66dcec99183876eb3d51ef21f94074c3
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_amd64.deb
Size/MD5 checksum: 116020 51d8c8c88ca40f4bb84db1e19212d22f
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_arm.deb
Size/MD5 checksum: 128564 abea81a9204331d379d19266ae9c2ce4
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_hppa.deb
Size/MD5 checksum: 140852 e7123f04da964f983c470e0e8b45541f
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_i386.deb
Size/MD5 checksum: 118570 3daea649fff6afd586e038c2e1adefbf
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_ia64.deb
Size/MD5 checksum: 193278 66a63c49a06104bfb6e2a433b3965cd6
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_mips.deb
Size/MD5 checksum: 128172 437a45a7f44be2ef5d0427a8d48ca3a3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_mipsel.deb
Size/MD5 checksum: 126328 b1e89e5a36757efa0872218ef65aac97
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_powerpc.deb
Size/MD5 checksum: 125400 3832485316da7189f10a92ee9a5b9631
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_s390.deb
Size/MD5 checksum: 128602 ea7389863995e8c6637aaff4a1451449
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.7-5.2+etch1_sparc.deb
Size/MD5 checksum: 123960 19482ae9a363ee1c4eace02781bbdf16
Debian GNU/Linux 5.0 alias lenny
- - --------------------------------
Debian (stable)
- - ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.8.4-1+lenny1.dsc
Size/MD5 checksum: 1060 a36f490b6a4e963775577e175b23dd59
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.8.4-1+lenny1.diff.gz
Size/MD5 checksum: 8031 d8e0a3b87cf946c99641103741f47e35
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug_0.8.4.orig.tar.gz
Size/MD5 checksum: 510758 091bd1168a524a4f36fc61f95209e7e4
Architecture independent packages:
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug-dev_0.8.4-1+lenny1_all.deb
Size/MD5 checksum: 24776 553b9aa5cddc17736613b981924c3022
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_alpha.deb
Size/MD5 checksum: 253172 d4531bd79e7073ac5910d7bb0afed53b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_amd64.deb
Size/MD5 checksum: 173448 f78dd0d43b1dfcc5f7fbce292bfbf4fb
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_arm.deb
Size/MD5 checksum: 186076 af4e4880d2a5fe3173f7ecad4a4f6e10
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_armel.deb
Size/MD5 checksum: 182470 3ebd0c108b3a223e46996f54a12a5067
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_i386.deb
Size/MD5 checksum: 171752 6b198e2b26666d92c59bac1eaf6dfd04
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_ia64.deb
Size/MD5 checksum: 321748 9d771a479ddb9cc4338a47617c21e4aa
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_mips.deb
Size/MD5 checksum: 186890 6d44ee961d8c5e2b4477a6ff12111b99
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_mipsel.deb
Size/MD5 checksum: 185528 96d30ac3d8a55068e9ad2d065f3831ba
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_powerpc.deb
Size/MD5 checksum: 187332 f0151664a380507749527c06f398ba63
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_s390.deb
Size/MD5 checksum: 190242 fe35d852302407bbfb538c09d213790b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libm/libmodplug/libmodplug0c2_0.8.4-1+lenny1_sparc.deb
Size/MD5 checksum: 187802 b54d03502f1c783431c3ee8cfc03274c
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkp397cACgkQ62zWxYk/rQeQuACgjS0eINg6zTd87Z3Ui3aU5BTC
q+gAn2tee7yi4zK80mOKOcbovkxs0CSI
=oKRx
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFKeMe3NVH5XJJInbgRApsdAJ4xpu+5VP52EcT5U8C/ctZeEXeupQCgitxl
uKIx2xybfbs8qnnMaPenVKc=
=aaHZ
-----END PGP SIGNATURE-----
|