[CLA-2002:548] Conectiva Linux Security Announcement - windowmaker

From: secure@conectiva.com.br
Date: 11/18/02

  • Next message: Florian Weimer: "Re: GNU GCC: Optimizer Removes Code Necessary for Security"
    Date: Mon, 18 Nov 2002 12:10:49 -0200
    To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com
    From: secure@conectiva.com.br
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - --------------------------------------------------------------------------
    CONECTIVA LINUX SECURITY ANNOUNCEMENT
    - --------------------------------------------------------------------------

    PACKAGE : windowmaker
    SUMMARY : Integer buffer overflow vulnerability
    DATE : 2002-11-18 12:10:00
    ID : CLA-2002:548
    RELEVANT
    RELEASES : 6.0, 7.0, 8

    - -------------------------------------------------------------------------

    DESCRIPTION
     Window Maker[1] is a very popular window manager.
     
     Al Viro reported a vulnerability[2] in a function that is used when
     Window Maker loads images. This function is used, for example, when a
     new background image is configured, and when previewing themes.
     
     This function calculates the ammount of memory necessary to load the
     image by doing a multiplication. It does not, however, check the
     result of this multiplication, which could suffer an integer overflow
     and not fit into the destination variable. Given a sufficiently large
     height and/or width parameter, a less than needed ammount of memory
     would be allocated, which would result in a buffer overflow later on
     when the image is actually loaded.
     
     A possible scenario for this vulnerability could be that of an
     attacker making a specially crafted image available and convincing an
     unsuspecting user to set it as a background image.

    SOLUTION
     It is recommended that all Window Maker users upgrade their
     packages.
     
     IMPORTANT: if Window Maker is in use during the update, it will have
     to be restarted manually. This can be done via the "Exit -> Restart"
     menu.
     
     
     REFERENCES
     1. http://www.windowmaker.org/
     2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277

    DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
    ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/WindowMaker-0.62.1-13U60_2cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/6.0/RPMS/WindowMaker-0.62.1-13U60_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/6.0/RPMS/WindowMaker-devel-0.62.1-13U60_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/WindowMaker-0.65.1-2U70_2cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-0.65.1-2U70_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-devel-0.65.1-2U70_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-devel-static-0.65.1-2U70_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/WindowMaker-doc-0.65.1-2U70_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/SRPMS/WindowMaker-0.80.0-3U80_1cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/WindowMaker-0.80.0-3U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/WindowMaker-devel-0.80.0-3U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/WindowMaker-devel-static-0.80.0-3U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/WindowMaker-doc-0.80.0-3U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/libwraster-2.2.0-13U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/libwraster-devel-2.2.0-13U80_1cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/libwraster-devel-static-2.2.0-13U80_1cl.i386.rpm

    ADDITIONAL INSTRUCTIONS
     Users of Conectiva Linux version 6.0 or higher may use apt to perform
     upgrades of RPM packages:
     - add the following line to /etc/apt/sources.list if it is not there yet
       (you may also use linuxconf to do this):

     rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

    (replace 6.0 with the correct version number if you are not running CL6.0)

     - run: apt-get update
     - after that, execute: apt-get upgrade

     Detailed instructions reagarding the use of apt and upgrade examples
     can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

    - -------------------------------------------------------------------------
    All packages are signed with Conectiva's GPG key. The key and instructions
    on how to import it can be found at
    http://distro.conectiva.com.br/seguranca/chave/?idioma=en
    Instructions on how to check the signatures of the RPM packages can be
    found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
    - -------------------------------------------------------------------------
    All our advisories and generic update instructions can be viewed at
    http://distro.conectiva.com.br/atualizacoes/?idioma=en

    - -------------------------------------------------------------------------
    subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
    unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iD8DBQE92PTo42jd0JmAcZARAuaiAJ9fFjBSaM+nIbyEETz0owqzgv1jOQCgoO/M
    JMwiprOgrWPFCrAODLMuUOA=
    =vtFt
    -----END PGP SIGNATURE-----