Debian Bug report logs - #842090
libwmf: CVE-2016-9011

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 25 Oct 2016 20:12:47 UTC

Severity: normal

Tags: patch, security, upstream

Found in version libwmf/0.2.8.4-10.3

Fixed in versions libwmf/0.2.8.4-10.6, libwmf/0.2.8.4-10.3+deb8u2

Done: Balint Reczey <balint@balintreczey.hu>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Loïc Minier <lool@debian.org>:
Bug#842090; Package src:libwmf. (Tue, 25 Oct 2016 20:12:49 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Loïc Minier <lool@debian.org>. (Tue, 25 Oct 2016 20:12:49 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libwmf: CVE-2016-9011
Date: Tue, 25 Oct 2016 22:10:34 +0200
Source: libwmf
Version: 0.2.8.4-10.3
Severity: normal
Tags: security upstream

Hi,

the following vulnerability was published for libwmf. Opening the bug
to track the issue in the Debian BTS.

CVE-2016-9011[0]:
memory allocation failure in wmf_malloc (api.c)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-9011

Note, no DSA is planned for jessie.

Regards,
Salvatore



Information forwarded to debian-bugs-dist@lists.debian.org, Loïc Minier <lool@debian.org>:
Bug#842090; Package src:libwmf. (Thu, 27 Oct 2016 21:30:06 GMT)


Acknowledgement sent to Balint Reczey <balint@balintreczey.hu>:
Extra info received and forwarded to list. Copy sent to Loïc Minier <lool@debian.org>. (Thu, 27 Oct 2016 21:30:06 GMT)


Message #10 received at 842090@bugs.debian.org:

From: Balint Reczey <balint@balintreczey.hu>
To: 842090@bugs.debian.org
Subject: Re: libwmf: CVE-2016-9011
Date: Thu, 27 Oct 2016 23:28:01 +0200
On Tue, 25 Oct 2016 22:10:34 +0200 Salvatore Bonaccorso
<carnil@debian.org> wrote:
> Hi,
> 
> the following vulnerability was published for libwmf. Opening the bug
> to track the issue in the Debian BTS.
> 
> CVE-2016-9011[0]:
> memory allocation failure in wmf_malloc (api.c)
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2016-9011

Fedora has already released a fix, which I have updated for Debian.
Please see it in the attached patch.

Origin per Fedora package's [1] changelog:

* Wed Oct 26 2016 Caolán McNamara <caolanm@redhat.com> - 0.2.8.4-49
- Resolves: rhbz#1388451 (CVE-2016-9011) check max claimed record len
            against max seekable position

Cheers,
Balint

[1] http://koji.fedoraproject.org/koji/buildinfo?buildID=812787
[libwmf-0.2.8.4-CVE-2016-9011-debian.patch (text/x-patch, attachment)]
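The Fedora changelog quoted above describes the fix as checking the claimed record length against the maximum seekable position. The following is an added example, not libwmf's or the attached patch's code, of that kind of bound placed before a record-sized allocation; the reader struct, the function names and the sample bytes are assumptions, and the only format fact relied on is that a WMF record starts with a 32-bit Size field counted in 16-bit words followed by a 16-bit Function field.

```c
/* Added example, not libwmf's or the Debian patch's code. Names are assumed. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

typedef struct {          /* in-memory stand-in for a seekable WMF input */
    const unsigned char *data;
    size_t len;           /* highest seekable position (file size) */
    size_t pos;           /* offset of the record's 32-bit Size field */
} wmf_reader;

/* Byte length to allocate for the record at r->pos, or 0 when the claimed
 * length cannot fit between the current position and the end of the input. */
size_t wmf_checked_record_bytes(const wmf_reader *r)
{
    if (r->len < 4 || r->pos > r->len - 4)        /* no room for Size itself */
        return 0;
    uint32_t words = (uint32_t)r->data[r->pos]
                   | (uint32_t)r->data[r->pos + 1] << 8
                   | (uint32_t)r->data[r->pos + 2] << 16
                   | (uint32_t)r->data[r->pos + 3] << 24;
    uint64_t bytes = (uint64_t)words * 2;         /* Size counts 16-bit words */
    uint64_t avail = (uint64_t)(r->len - r->pos); /* what can still be read */
    if (bytes < 6 || bytes > avail)   /* 6 = Size + Function header minimum */
        return 0;
    return (size_t)bytes;
}

/* Allocation path: the bound is enforced before malloc sees the size. */
unsigned char *wmf_alloc_record(const wmf_reader *r)
{
    size_t n = wmf_checked_record_bytes(r);
    if (n == 0)
        return NULL;
    unsigned char *buf = malloc(n);
    if (buf)
        memcpy(buf, r->data + r->pos, n);
    return buf;
}

/* Constructed samples in a 10-byte buffer: a record claiming 4 words (8 bytes)
 * and one claiming 0xFFFFFFFF words, far more than the input can hold. */
static const unsigned char sample_ok[]   = {0x04,0x00,0x00,0x00, 0x0B,0x02, 0x01,0x00, 0x00,0x00};
static const unsigned char sample_huge[] = {0xFF,0xFF,0xFF,0xFF, 0x0B,0x02, 0x01,0x00, 0x00,0x00};

size_t check_sample(const unsigned char *d, size_t len, size_t pos)
{
    wmf_reader r = { d, len, pos };
    return wmf_checked_record_bytes(&r);
}
```

The oversized claim is rejected at the size check, so the allocator is never asked for a block the file could not contain.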

Added tag(s) patch. Request was from Bálint Réczey <balint@balintreczey.hu> to control@bugs.debian.org. (Thu, 27 Oct 2016 21:30:10 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Loïc Minier <lool@debian.org>:
Bug#842090; Package src:libwmf. (Wed, 02 Nov 2016 11:51:05 GMT)


Acknowledgement sent to balint@balintreczey.hu:
Extra info received and forwarded to list. Copy sent to Loïc Minier <lool@debian.org>. (Wed, 02 Nov 2016 11:51:05 GMT)


Message #17 received at 842090@bugs.debian.org:

From: Bálint Réczey <balint@balintreczey.hu>
To: 842090@bugs.debian.org
Subject: Re: libwmf: CVE-2016-9011
Date: Wed, 2 Nov 2016 12:45:41 +0100
Hi,

2016-10-27 23:28 GMT+02:00 Balint Reczey <balint@balintreczey.hu>:
> On Tue, 25 Oct 2016 22:10:34 +0200 Salvatore Bonaccorso
> <carnil@debian.org> wrote:
>> Hi,
>>
>> the following vulnerability was published for libwmf. Opening the bug
>> to track the issue in the Debian BTS.
>>
>> CVE-2016-9011[0]:
>> memory allocation failure in wmf_malloc (api.c)
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>>
>> For further information see:
>>
>> [0] https://security-tracker.debian.org/tracker/CVE-2016-9011
>
> Fedora has already released a fix, which I have updated for Debian.
> Please see it in the attached patch.
>
> Origin per Fedora package's [1] changelog:
>
> * Wed Oct 26 2016 Caolán McNamara <caolanm@redhat.com> - 0.2.8.4-49
> - Resolves: rhbz#1388451 (CVE-2016-9011) check max claimed record len
>             against max seekable position

I have uploaded a fixed version to DELAYED/10. Please see the attached
patch for the debdiff.

Cheers,
Balint

> [1] http://koji.fedoraproject.org/koji/buildinfo?buildID=812787
[libwmf_0.2.8.4-10.6.patch (text/x-diff, attachment)]

Reply sent to Balint Reczey <balint@balintreczey.hu>:
You have taken responsibility. (Sat, 12 Nov 2016 12:21:04 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 12 Nov 2016 12:21:04 GMT)


Message #22 received at 842090-close@bugs.debian.org:

From: Balint Reczey <balint@balintreczey.hu>
To: 842090-close@bugs.debian.org
Subject: Bug#842090: fixed in libwmf 0.2.8.4-10.6
Date: Sat, 12 Nov 2016 12:19:20 +0000
Source: libwmf
Source-Version: 0.2.8.4-10.6

We believe that the bug you reported is fixed in the latest version of
libwmf, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 842090@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey <balint@balintreczey.hu> (supplier of updated libwmf package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Mon, 31 Oct 2016 20:29:09 +0100
Source: libwmf
Binary: libwmf0.2-7 libwmf-bin libwmf-dev libwmf-doc
Architecture: source
Version: 0.2.8.4-10.6
Distribution: unstable
Urgency: medium
Maintainer: Loïc Minier <lool@debian.org>
Changed-By: Balint Reczey <balint@balintreczey.hu>
Description:
 libwmf-bin - Windows metafile conversion tools
 libwmf-dev - Windows metafile conversion development
 libwmf-doc - Windows metafile documentation
 libwmf0.2-7 - Windows metafile conversion library
Closes: 842090
Changes:
 libwmf (0.2.8.4-10.6) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix allocating huge block of memory (CVE-2016-9011) (Closes: #842090)




Reply sent to Balint Reczey <balint@balintreczey.hu>:
You have taken responsibility. (Wed, 14 Dec 2016 21:06:06 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 14 Dec 2016 21:06:07 GMT)


Message #27 received at 842090-close@bugs.debian.org:

From: Balint Reczey <balint@balintreczey.hu>
To: 842090-close@bugs.debian.org
Subject: Bug#842090: fixed in libwmf 0.2.8.4-10.3+deb8u2
Date: Wed, 14 Dec 2016 21:03:39 +0000
Source: libwmf
Source-Version: 0.2.8.4-10.3+deb8u2

We believe that the bug you reported is fixed in the latest version of
libwmf, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 842090@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey <balint@balintreczey.hu> (supplier of updated libwmf package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Wed, 02 Nov 2016 12:56:21 +0100
Source: libwmf
Binary: libwmf0.2-7 libwmf-bin libwmf-dev libwmf-doc
Architecture: source amd64 all
Version: 0.2.8.4-10.3+deb8u2
Distribution: jessie
Urgency: medium
Maintainer: Loïc Minier <lool@debian.org>
Changed-By: Balint Reczey <balint@balintreczey.hu>
Description:
 libwmf-bin - Windows metafile conversion tools
 libwmf-dev - Windows metafile conversion development
 libwmf-doc - Windows metafile documentation
 libwmf0.2-7 - Windows metafile conversion library
Closes: 842090
Changes:
 libwmf (0.2.8.4-10.3+deb8u2) stable; urgency=medium
 .
   * LTS Team upload.
   * Fix allocating huge block of memory (CVE-2016-9011) (Closes: #842090)




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 27 Jan 2017 11:48:10 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:35:39 2019; Machine Name: beach