Login
Newsletter
Werbung
Sicherheit: Pufferüberläufe in abiword
Aktuelle Meldungen Distributionen
Name: Pufferüberläufe in abiword
ID: DSA-894-1
Distribution: Debian
Plattformen: Debian woody
Datum: Mo, 14. November 2005, 15:02
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2972
Applikationen: AbiWord

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 894-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 14th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : abiword
Vulnerability  : buffer overflows
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2005-2964 CVE-2005-2972

Chris Evans discoverd several buffer overflows in the RTF import
mechanism of AbiWord, a WYSIWYG word processor based on GTK 2.
Opening a specially crafted RTF file could lead to the execution of
arbitrary code.

For the old stable distribution (woody) these problems have been fixed in
version 1.0.2+cvs.2002.06.05-1woody3.

For the stable distribution (sarge) these problems have been fixed in
version 2.2.7-3sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 2.2.10-1.

We recommend that you upgrade your abiword package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    abiword_1.0.2+cvs.2002.06.05-1woody3.dsc
      Size/MD5 checksum:     1159 9210aac9957b6cd207775862a1d45f1f
    abiword_1.0.2+cvs.2002.06.05-1woody3.diff.gz
      Size/MD5 checksum:    50123 0f3df3436e43ce1d5da4b4c21e221bcf
    abiword_1.0.2+cvs.2002.06.05.orig.tar.gz
      Size/MD5 checksum: 16407034 0b0e1f3e42a0627a28cea970b099049d

  Architecture independent components:

    abiword-doc_1.0.2+cvs.2002.06.05-1woody3_all.deb
      Size/MD5 checksum:   950320 d222e537587d9f91fd38efc9841a58e6
    xfonts-abi_1.0.2+cvs.2002.06.05-1woody3_all.deb
      Size/MD5 checksum:   189488 7ba0f3d31f29c1cebfea82a0d231d8f5

  Alpha architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_alpha.deb
      Size/MD5 checksum:    12432 653ab5c780287dbfaa8bbead1d363660
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_alpha.deb
      Size/MD5 checksum:   538646 bcf2ed542e765437affef0fe8541bc3c
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_alpha.deb
      Size/MD5 checksum:  2069386 e019b8b99668ef96371cabdfcc21ed06
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_alpha.deb
      Size/MD5 checksum:  1873858 a8088abfbde086249c7395d5994a6b83
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_alpha.deb
      Size/MD5 checksum:   228334 c26e4e4f04a78e626ae7be7229c775f1

  ARM architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_arm.deb
      Size/MD5 checksum:    12434 0ec0f572955999a70ec02f76d1119d9f
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_arm.deb
      Size/MD5 checksum:   536150 ef7a99f7e9f0cef5da0e2125d90eb2f0
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_arm.deb
      Size/MD5 checksum:  1717184 e5db39f5e4b89bb66dad89166c0871c9
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_arm.deb
      Size/MD5 checksum:  1533566 335181116b612f32ff14c6b062920cf3
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_arm.deb
      Size/MD5 checksum:   154850 88e931183c56e22c21d2ed2b6eaf727f

  Intel IA-32 architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_i386.deb
      Size/MD5 checksum:    12426 143a7e0e6a86475b0a4faffaa56fe6c6
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_i386.deb
      Size/MD5 checksum:   533942 9f3d73ea537bbc7cc748f4b347011351
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_i386.deb
      Size/MD5 checksum:  1677506 997b0e28a6511258aa7e953189c8916d
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_i386.deb
      Size/MD5 checksum:  1491616 79a369d35495da551010c88fc5d16e53
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_i386.deb
      Size/MD5 checksum:   195028 4417655cdf87e452e533bfceff37035f

  Intel IA-64 architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_ia64.deb
      Size/MD5 checksum:    12432 ec6bc2b2b32291a24e96ac37e5bef700
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_ia64.deb
      Size/MD5 checksum:   542580 d5ee8d4850f02c4bd9a5eb148ff50e12
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_ia64.deb
      Size/MD5 checksum:  2122580 6cd0574acb80ae18d3c24fa535edfe64
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_ia64.deb
      Size/MD5 checksum:  1940008 8bd8dae64327570f958940dc2de05152
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_ia64.deb
      Size/MD5 checksum:   311910 ecec1fedcaa4dd55feca35366f598dc4

  HP Precision architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_hppa.deb
      Size/MD5 checksum:    12438 03439f730ccf73e2bb456a98bdd2a489
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_hppa.deb
      Size/MD5 checksum:   538040 48c15aee57c59f9ac1d780819dbb7d95
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_hppa.deb
      Size/MD5 checksum:  2040050 f3557b782734406275a9c2d74cbdb83a
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_hppa.deb
      Size/MD5 checksum:  1821554 e6776a2c4b8ddf0a6ab11d3a1756fa2d
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_hppa.deb
      Size/MD5 checksum:   195884 fdd07179430b8b7cf70f1944e1ca8751

  Motorola 680x0 architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_m68k.deb
      Size/MD5 checksum:    12442 b39cce9869fd5ee33ee412c5671a761f
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_m68k.deb
      Size/MD5 checksum:   533170 1a26ef16fe1e79936b5af73b310b6279
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_m68k.deb
      Size/MD5 checksum:  1602928 ac5e6186a4f31bd97ab9efe5bfa380c6
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_m68k.deb
      Size/MD5 checksum:  1416324 93d883e59e22192a11a350302cf9f431
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_m68k.deb
      Size/MD5 checksum:   199740 b55f497320d2f7802bebccb506f11b46

  Big endian MIPS architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_mips.deb
      Size/MD5 checksum:    12432 6c7604ed802ecb0e7ddf09ee70697caf
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_mips.deb
      Size/MD5 checksum:   536262 036c7fd56f0a8a115241412bb8e528f8
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_mips.deb
      Size/MD5 checksum:  1701222 8c810e11612e5db201bf8506244041ce
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_mips.deb
      Size/MD5 checksum:  1513780 cd3a8526a63516ca89cae731b0e300ea
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_mips.deb
      Size/MD5 checksum:   205144 792becc9b4a78d16f775edf017bd4a67

  Little endian MIPS architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_mipsel.deb
      Size/MD5 checksum:    12434 7d9931545151f9918f9d0c7c019c58a4
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_mipsel.deb
      Size/MD5 checksum:   536510 343c499d62521e49626e99c50735ab96
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_mipsel.deb
      Size/MD5 checksum:  1663354 94b4d497ff7ddaa31e30afbe05057504
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_mipsel.deb
      Size/MD5 checksum:  1480888 00ebf5378e669c8437b5e385f94c6266
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_mipsel.deb
      Size/MD5 checksum:   203030 ad7dee7e51fbf887ac179d483f359cb6

  PowerPC architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_powerpc.deb
      Size/MD5 checksum:    12438 3ff0d444f6f5df023844d6ca05d91987
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_powerpc.deb
      Size/MD5 checksum:   534924 d2bbd28784670dc52bdef79879bde9c1
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_powerpc.deb
      Size/MD5 checksum:  1716328 67597faf110332672c4234af61228a34
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_powerpc.deb
      Size/MD5 checksum:  1527968 6b3677b16d1493ef075dcf2c565eaa46
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_powerpc.deb
      Size/MD5 checksum:   237680 a754e170740217157b2fc6f7960ff0c6

  IBM S/390 architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_s390.deb
      Size/MD5 checksum:    12432 899f2957c202bfd626ce04238ae7c355
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_s390.deb
      Size/MD5 checksum:   535210 6a83523ec1ad7f3789095bce0eec31c2
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_s390.deb
      Size/MD5 checksum:  1603804 f98f8c6be3063c920c174d74a87f51c0
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_s390.deb
      Size/MD5 checksum:  1417916 6dd76f6db3594c69591ef4fec624008e
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_s390.deb
      Size/MD5 checksum:   203268 2a247fc7a1ad5ad69a5550dde7e0e5f0

  Sun Sparc architecture:

    abiword_1.0.2+cvs.2002.06.05-1woody3_sparc.deb
      Size/MD5 checksum:    12434 cde846b41a0d618d5d854a0f63ab43ab
    abiword-common_1.0.2+cvs.2002.06.05-1woody3_sparc.deb
      Size/MD5 checksum:   537430 cbd8122f90526919114aa2caa26ab098
    abiword-gnome_1.0.2+cvs.2002.06.05-1woody3_sparc.deb
      Size/MD5 checksum:  1657026 d79737402458bb93fc4cfaa48d8e3b87
    abiword-gtk_1.0.2+cvs.2002.06.05-1woody3_sparc.deb
      Size/MD5 checksum:  1470474 18458d5e37c1e92df7d41bf67b9a4185
    abiword-plugins_1.0.2+cvs.2002.06.05-1woody3_sparc.deb
      Size/MD5 checksum:   193376 e49c7a03769332bf71fa4790c45e7261


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    abiword_2.2.7-3sarge2.dsc
      Size/MD5 checksum:     1115 c1a5491bde1e7de2ba60ef1ba07b6166
    abiword_2.2.7-3sarge2.diff.gz
      Size/MD5 checksum:    75303 75b31932db227cc609d28d84f8bf4478
    abiword_2.2.7.orig.tar.gz
      Size/MD5 checksum: 28441035 d07e581539479e615a0af0c0a92da9a3

  Architecture independent components:

    abiword-common_2.2.7-3sarge2_all.deb
      Size/MD5 checksum:  1666180 b68247dabeb710edfa58172f5e40030f
    abiword-doc_2.2.7-3sarge2_all.deb
      Size/MD5 checksum:  4085558 67faed1f27bc86f3fa2815d3ae058e17
    abiword-help_2.2.7-3sarge2_all.deb
      Size/MD5 checksum:   558460 c3cbd4e961b18476ca7f5e6ddd4e6dba
    xfonts-abi_2.2.7-3sarge2_all.deb
      Size/MD5 checksum:    20698 05bf556dd85be4428a0911b6c3d87b4b

  Alpha architecture:

    abiword_2.2.7-3sarge2_alpha.deb
      Size/MD5 checksum:  2865468 bcb120ac51e1809db9efae4768f66238
    abiword-gnome_2.2.7-3sarge2_alpha.deb
      Size/MD5 checksum:  2864100 778e462ca4a0aca78a673adf2d68b5e6
    abiword-plugins_2.2.7-3sarge2_alpha.deb
      Size/MD5 checksum:   400976 916e7890de15b4cc814ef837bee6871e
    abiword-plugins-gnome_2.2.7-3sarge2_alpha.deb
      Size/MD5 checksum:    28442 48350140d2bf3f0921a6259ecf61f5f0

  AMD64 architecture:

    abiword_2.2.7-3sarge2_amd64.deb
      Size/MD5 checksum:  2491560 6d37138df657bc275460f4931270b825
    abiword-gnome_2.2.7-3sarge2_amd64.deb
      Size/MD5 checksum:  2484660 fa827b78a857ab7373cc022bdf01deff
    abiword-plugins_2.2.7-3sarge2_amd64.deb
      Size/MD5 checksum:   369462 0e91af63f0fa42f4bc3533517a3d07f8
    abiword-plugins-gnome_2.2.7-3sarge2_amd64.deb
      Size/MD5 checksum:    27992 5eb8d30bd1f5503ce2523bdd807e9edc

  ARM architecture:

    abiword_2.2.7-3sarge2_arm.deb
      Size/MD5 checksum:  2432880 e4703f6e9beb651dd91439303d1373df
    abiword-gnome_2.2.7-3sarge2_arm.deb
      Size/MD5 checksum:  2423262 2637f435c5d0861d0f64d56395768ff3
    abiword-plugins_2.2.7-3sarge2_arm.deb
      Size/MD5 checksum:   349248 b385c171802de8078538a8f8b7a63f3d
    abiword-plugins-gnome_2.2.7-3sarge2_arm.deb
      Size/MD5 checksum:    27510 811da755de8247e13d37e0b1a5882926

  Intel IA-32 architecture:

    abiword_2.2.7-3sarge2_i386.deb
      Size/MD5 checksum:  2340952 c844959722131837db735280ffe0c192
    abiword-gnome_2.2.7-3sarge2_i386.deb
      Size/MD5 checksum:  2330434 911c26e1e23975bc795305e52ad53ce0
    abiword-plugins_2.2.7-3sarge2_i386.deb
      Size/MD5 checksum:   358584 ab6ed361e772bf4808dabc56a2880811
    abiword-plugins-gnome_2.2.7-3sarge2_i386.deb
      Size/MD5 checksum:    27854 12d4eeec28a3a7eff2d4777291c8f192

  Intel IA-64 architecture:

    abiword_2.2.7-3sarge2_ia64.deb
      Size/MD5 checksum:  3443314 d5cf969d1db44c587f22d3cfe2eaaebf
    abiword-gnome_2.2.7-3sarge2_ia64.deb
      Size/MD5 checksum:  3446838 8ed0533abdeebfb82cebe0ac1a8328e7
    abiword-plugins_2.2.7-3sarge2_ia64.deb
      Size/MD5 checksum:   450116 78ebf500c547a25485b84aa716eab7e7
    abiword-plugins-gnome_2.2.7-3sarge2_ia64.deb
      Size/MD5 checksum:    29816 f22cfa0f5096cea6af8afefc245bb031

  HP Precision architecture:

    abiword_2.2.7-3sarge2_hppa.deb
      Size/MD5 checksum:  2811614 72e51c5d4230663c93b6f3028b420cba
    abiword-gnome_2.2.7-3sarge2_hppa.deb
      Size/MD5 checksum:  2803736 9358dfdc81bdbaeaaacb60af8f76ec2a
    abiword-plugins_2.2.7-3sarge2_hppa.deb
      Size/MD5 checksum:   436786 92df6cbe164a52330127c5b007f7efaf
    abiword-plugins-gnome_2.2.7-3sarge2_hppa.deb
      Size/MD5 checksum:    29178 288c641cc68192aa3b87df9fcb41c522

  Motorola 680x0 architecture:

    abiword_2.2.7-3sarge2_m68k.deb
      Size/MD5 checksum:  2358090 2d566ecb5578b409cf5e3507df7bf8c9
    abiword-gnome_2.2.7-3sarge2_m68k.deb
      Size/MD5 checksum:  2348080 5e2397fa9869b2fb5590872c95fe22f1
    abiword-plugins_2.2.7-3sarge2_m68k.deb
      Size/MD5 checksum:   369286 d1530b8fcfb28dfa8787662d83634dcf
    abiword-plugins-gnome_2.2.7-3sarge2_m68k.deb
      Size/MD5 checksum:    27716 881587416e5eb97885bf17f72fed15a8

  Big endian MIPS architecture:

    abiword_2.2.7-3sarge2_mips.deb
      Size/MD5 checksum:  2550988 81a84402b7a3066e61274f85afd6077a
    abiword-gnome_2.2.7-3sarge2_mips.deb
      Size/MD5 checksum:  2543624 9c184c2eacc4a13ba78e1e70ff59fbde
    abiword-plugins_2.2.7-3sarge2_mips.deb
      Size/MD5 checksum:   358192 1d221249ac1d7f23529dcc502c5320e0
    abiword-plugins-gnome_2.2.7-3sarge2_mips.deb
      Size/MD5 checksum:    28354 0625dceebbb691c3312fb1c14c36c743

  Little endian MIPS architecture:

    abiword_2.2.7-3sarge2_mipsel.deb
      Size/MD5 checksum:  2465622 e4d4d2a6f5994de907960cd14b05c662
    abiword-gnome_2.2.7-3sarge2_mipsel.deb
      Size/MD5 checksum:  2456260 5798ef734342be359769f84f2011bd1e
    abiword-plugins_2.2.7-3sarge2_mipsel.deb
      Size/MD5 checksum:   354070 d7cd62c4a5f25c28da61bcfbc9b16ccf
    abiword-plugins-gnome_2.2.7-3sarge2_mipsel.deb
      Size/MD5 checksum:    28300 fe5b25f2b7eed349e2274fa44ead79a2

  PowerPC architecture:

    abiword_2.2.7-3sarge2_powerpc.deb
      Size/MD5 checksum:  2473300 c6e7d9e9b32177ea2e4e2819b17338cb
    abiword-gnome_2.2.7-3sarge2_powerpc.deb
      Size/MD5 checksum:  2464070 df0769e09e53465b03659e958907c058
    abiword-plugins_2.2.7-3sarge2_powerpc.deb
      Size/MD5 checksum:   408478 13d12015c9dd09d94aef49b48a2a45c5
    abiword-plugins-gnome_2.2.7-3sarge2_powerpc.deb
      Size/MD5 checksum:    29892 a6f075e74ea0dee760efb42fa4244499

  IBM S/390 architecture:

    abiword_2.2.7-3sarge2_s390.deb
      Size/MD5 checksum:  2457050 65b8553d57b870b90ee4612391bbc63f
    abiword-gnome_2.2.7-3sarge2_s390.deb
      Size/MD5 checksum:  2451094 331bd8ec99321393a69276a087732767
    abiword-plugins_2.2.7-3sarge2_s390.deb
      Size/MD5 checksum:   364848 50217fdf5e9bceb77fb34ff455d8ab83
    abiword-plugins-gnome_2.2.7-3sarge2_s390.deb
      Size/MD5 checksum:    28282 3bca542474684673e0367596524b9132

  Sun Sparc architecture:

    abiword_2.2.7-3sarge2_sparc.deb
      Size/MD5 checksum:  2462406 571fcd01d80476714a8ddd87ce34ff17
    abiword-gnome_2.2.7-3sarge2_sparc.deb
      Size/MD5 checksum:  2453454 e72adac4cc33128729763bdf3e64177e
    abiword-plugins_2.2.7-3sarge2_sparc.deb
      Size/MD5 checksum:   343132 e9fa92049ac7b5b2d76ed58d9cb19273
    abiword-plugins-gnome_2.2.7-3sarge2_sparc.deb
      Size/MD5 checksum:    27502 8cc7425570da58d6e7adde0a5474f68b


  These files will probably be moved into the stable distribution on
  its next update.

-
 ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDeJSjW5ql+IAeqTIRAtHXAKCoyNaP6GitAWDx/g2cIXC/Da1YTwCePI+c
wcfX/C9J9OnzMnY6rm0iDSc=
=5IJR
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung