Debian: New lcms packages fix multiple vulnerabilities
Posted by Benjamin D. Thomas   
Debian Inadequate enforcement of fixed-length buffer limits allows an attacker to overflow a buffer on the stack, potentially enabling the execution of arbitrary code when a maliciously-crafted image is opened.
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1684                    security@debian.org
http://www.debian.org/security/                           Devin Carraway
December 10, 2008                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : lcms
Vulnerability  : multiple vulnerabilities
Problem type   : local (remote)
Debian-specific: no
CVE Id(s)      : CVE-2008-5316 CVE-2008-5317

Two vulnerabilities have been found in lcms, a library and set of
commandline utilities for image color management.  The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-5316

    Inadequate enforcement of fixed-length buffer limits allows an
    attacker to overflow a buffer on the stack, potentially enabling
    the execution of arbitrary code when a maliciously-crafted
    image is opened.

CVS-2008-5317

    An integer sign error in reading image gamma data could allow an
    attacker to cause an under-sized buffer to be allocated for
    subsequent image data, with unknown consequences potentially
    including the execution of arbitrary code if a maliciously-crafted
    image is opened.

For the stable distribution (etch), these problems have been fixed in
version 1.14-1.1+etch1.

For the upcoming stable distribution (lenny), and the unstable
distribution (sid), these problems are fixed in version 1.17.dfsg-1.

We recommend that you upgrade your lcms packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/l/lcms/lcms_1.15-1.1+etch1.diff.gz
    Size/MD5 checksum:     2000 10fb445280ea38542701017292ffb1ca
  http://security.debian.org/pool/updates/main/l/lcms/lcms_1.15.orig.tar.gz
    Size/MD5 checksum:   791543 95a710dc757504f6b02677c1fab68e73
  http://security.debian.org/pool/updates/main/l/lcms/lcms_1.15-1.1+etch1.dsc
    Size/MD5 checksum:      636 188344016765736e5690a669a6dce88b

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_alpha.deb
    Size/MD5 checksum:   179622 a64aa233ae03aa942c34e28af411f5fe
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_alpha.deb
    Size/MD5 checksum:   153452 12b7bbd297ef50a85f19da90d1c4f30f
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_alpha.deb
    Size/MD5 checksum:    61580 a821798d40f1d0990a053b825db129a8

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_amd64.deb
    Size/MD5 checksum:    53284 7eb60db022f80565251a0e4d9cadd8b2
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_amd64.deb
    Size/MD5 checksum:   140288 2b3fa89b3757f0431e2ab3e44f7d1c08
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_amd64.deb
    Size/MD5 checksum:   147692 e8be34ecb4af9f7cfe1e51c759fc2c27

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_arm.deb
    Size/MD5 checksum:   135546 523110a99549778b3a5a9ddf38b381e5
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_arm.deb
    Size/MD5 checksum:   135376 0e4f0fabbc9a04bc593f1887a1bcf35f
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_arm.deb
    Size/MD5 checksum:    50962 7f38a7371ca57f25080f227a3a3b373a

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_hppa.deb
    Size/MD5 checksum:   168420 e5aab4f34d88b9f8aefd43fed5f2fe78
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_hppa.deb
    Size/MD5 checksum:    59120 88bf9add52df55b353d0d26508486a96
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_hppa.deb
    Size/MD5 checksum:   157652 30f8396d4f78363befd2e0d72b9e56a8

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_i386.deb
    Size/MD5 checksum:   137296 46695836065eb7b734e02706191872f7
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_i386.deb
    Size/MD5 checksum:    50592 4a0ca0dc60e6e212bf3692b2785b088b
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_i386.deb
    Size/MD5 checksum:   143282 850ff5b97f347775c1daad08280a5b38

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_ia64.deb
    Size/MD5 checksum:   204162 abd829e3c02d54dc911aa4abe343e377
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_ia64.deb
    Size/MD5 checksum:   195094 5766c05fb15abe32d908f7b607464bb7
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_ia64.deb
    Size/MD5 checksum:    78422 6176b8abb40f4dc50ed80472fe835fa5

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_mips.deb
    Size/MD5 checksum:    51508 20274ee9af873cf1760fad77d4cb5720
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_mips.deb
    Size/MD5 checksum:   172570 4dc3f233db7f2c15b26b39a04e7dd1ba
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_mips.deb
    Size/MD5 checksum:   149190 db10ac87adfd9698890428f3119045fd

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_mipsel.deb
    Size/MD5 checksum:   150390 62a81236533a4b708919367d5939d34c
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_mipsel.deb
    Size/MD5 checksum:   173934 d8618284820cf47bc677c185c6ea5c39
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_mipsel.deb
    Size/MD5 checksum:    52142 2213c852eaab6fbfee23031401214ecd

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_powerpc.deb
    Size/MD5 checksum:   147308 d0c6bcfe7a23740f15b4e8dae4b9ea74
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_powerpc.deb
    Size/MD5 checksum:    57630 cc7b4fc9ca44268952ef4b9fc97fe631
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_powerpc.deb
    Size/MD5 checksum:   147710 8b586e00c2f39017bd2d51e0632297af

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_s390.deb
    Size/MD5 checksum:   142054 622fed5f31c26119ca611e5c5aa79b1d
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_s390.deb
    Size/MD5 checksum:    54150 45b3c4c471d977b53d40a2ab57e63591
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_s390.deb
    Size/MD5 checksum:   144324 f8f15540a7cdbcfe5fc32fe40b3e459b

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/l/lcms/liblcms1-dev_1.15-1.1+etch1_sparc.deb
    Size/MD5 checksum:   146618 2e09901e82467a8e02e12c958bf699db
  http://security.debian.org/pool/updates/main/l/lcms/liblcms-utils_1.15-1.1+etch1_sparc.deb
    Size/MD5 checksum:    51410 7622942be787382b8abc72e9d709aeb8
  http://security.debian.org/pool/updates/main/l/lcms/liblcms1_1.15-1.1+etch1_sparc.deb
    Size/MD5 checksum:   137480 111c3ff8c742773fc12237147f6d138c


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org