DSA 1814-1: New libsndfile packages fix arbitrary code execution  

Posted by Daniela Mehler

"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1814-1 security@debian.org
http://www.debian.org/security/ Nico Golde
June 13th, 2009 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : libsndfile
Vulnerability : heap-based buffer overflow
Problem type : local (remote)
Debian-specific: no
Debian bug : 528650
CVE ID : CVE-2009-1788 CVE-2009-1791


Two vulnerabilities have been found in libsndfile, a library to read
and write sampled audio data. The Common Vulnerabilities and Exposures
project identified the following problems:

Tobias Klein discovered that the VOC parsing routines suffer of a heap-based
buffer overflow which can be triggered by an attacker via a crafted VOC
header (CVE-2009-1788).

The vendor discovered that the AIFF parsing routines suffer of a heap-based
buffer overflow similar to CVE-2009-1788 which can be triggered by an attacker
via a crafted AIFF header (CVE-2009-1791).

In both cases the overflowing data is not completely attacker controlled but
still leads to application crashes or under some circumstances might still
lead to arbitrary code execution.


For the oldstable distribution (etch), this problem has been fixed in
version 1.0.16-2+etch2.

For the stable distribution (lenny), this problem has been fixed in
version 1.0.17-4+lenny2.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 1.0.20-1.


We recommend that you upgrade your libsndfile packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2+etch2.dsc
Size/MD5 checksum: 659 fe69a3bbf260e7539ec189fe9d81889d
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2+etch2.diff.gz
Size/MD5 checksum: 6453 8a43fb7713b8247bd1e5f1bf7a6e9923
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16.orig.tar.gz
Size/MD5 checksum: 857117 773b6639672d39b6342030c7fd1e9719

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_alpha.deb
Size/MD5 checksum: 400794 04c86699fad7bfa734f6db94e7814574
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_alpha.deb
Size/MD5 checksum: 222774 f6411ea0366b55e8cdcd308f51af7aaa
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_alpha.deb
Size/MD5 checksum: 72500 fb13ac77eec3b3cb791b0d05dc4abce1

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_amd64.deb
Size/MD5 checksum: 70818 efc9612d010aa0e9f260e4726f7fd809
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_amd64.deb
Size/MD5 checksum: 187554 1ad927a4dde060a045052031c6dee298
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_amd64.deb
Size/MD5 checksum: 322608 0b5e2551db19f1e67d90fb402a3e4b55

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_hppa.deb
Size/MD5 checksum: 236528 9a134046572d39fef1a8344ecdca0a23
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_hppa.deb
Size/MD5 checksum: 75046 bd7b926daab6bef2036398a3ab07527c
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_hppa.deb
Size/MD5 checksum: 375188 67a8110d0f4a87618af8e8d45ae24349

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_i386.deb
Size/MD5 checksum: 320972 5d76ff009184ad5345a54e8d8194fffe
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_i386.deb
Size/MD5 checksum: 71000 7ebac264cb5b8ffa89f25d3ccc1a75cc
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_i386.deb
Size/MD5 checksum: 198076 260d7f6aa38f89f8977a3ad49e990b43

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_ia64.deb
Size/MD5 checksum: 76026 cbe650d86af4ecc63a69056fd75eca87
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_ia64.deb
Size/MD5 checksum: 270996 9cace4aabe93c43722c432b6c4e4442e
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_ia64.deb
Size/MD5 checksum: 416638 df26e7f277e084280ffdc817ae53b7f3

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_mips.deb
Size/MD5 checksum: 217472 10109974f4c321580f791bf5e49124e7
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_mips.deb
Size/MD5 checksum: 73040 a9f2a80bc90165a3e92903f4edc444da
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_mips.deb
Size/MD5 checksum: 374506 f6c67974732dd1de4bd3a9158f3c1c20

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_mipsel.deb
Size/MD5 checksum: 73062 a508b896c5de5ebd5dff792afff15c29
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_mipsel.deb
Size/MD5 checksum: 216994 96315e55d624bee6e44d015d37c710c1
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_mipsel.deb
Size/MD5 checksum: 373658 65ed601088e7b02b509556d11dcd8d1d

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_powerpc.deb
Size/MD5 checksum: 351902 a4123d15745b1eb1af28fdb78b63bd82
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_powerpc.deb
Size/MD5 checksum: 76584 0f5fae422385aa9d839be192aed31444
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_powerpc.deb
Size/MD5 checksum: 207620 557e216bb6625ee2352b161474f0d5c0

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_s390.deb
Size/MD5 checksum: 221198 664d13a054568b329e4d625a0b5038e0
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_s390.deb
Size/MD5 checksum: 73066 89616dead6b5d3a2847e2536b8cb072b
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_s390.deb
Size/MD5 checksum: 346752 85718e326019f4eb3a45daf2e67b3c1a

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2+etch2_sparc.deb
Size/MD5 checksum: 339010 4d7c07314114134799a36c801ab1f49e
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2+etch2_sparc.deb
Size/MD5 checksum: 70940 88eb23fe6f813ecd026131c863bf41f8
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2+etch2_sparc.deb
Size/MD5 checksum: 208148 68df6e036a2a22376e3974f614115014


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.dsc
Size/MD5 checksum: 1134 51d9eb65dd02a51f539d841417d49f1b
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.17-4+lenny2.diff.gz
Size/MD5 checksum: 10627 2325910ddaba0afbdd7e317e38970bb8
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.17.orig.tar.gz
Size/MD5 checksum: 819456 2d126c35448503f6dbe33934d9581f6b

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_alpha.deb
Size/MD5 checksum: 226090 e2b9f5ad19011d18709d4cedaade37fa
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_alpha.deb
Size/MD5 checksum: 410994 8483cb52b025c5daf82e8bb8c79e975f
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_alpha.deb
Size/MD5 checksum: 74138 f7ff92888db92ee16c39d31a34b458ba

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_amd64.deb
Size/MD5 checksum: 191352 a7fcfefe56bbe623aedf4c1a716fbd7c
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_amd64.deb
Size/MD5 checksum: 73166 95ae8a7f7cc414b590492a5ccb8b54bb
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_amd64.deb
Size/MD5 checksum: 333800 c082042884f8aa7d54456c7edda82505

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_arm.deb
Size/MD5 checksum: 217242 b1d688c41ee46c865b28dec19d7138f1
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_arm.deb
Size/MD5 checksum: 74296 2d60cc9b8e2a586ddf7f69a3550db4ac
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_arm.deb
Size/MD5 checksum: 349034 2cb39ad7ca3213b2e377445d4f05204f

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_armel.deb
Size/MD5 checksum: 76490 091e276cadfdcf6d1d7f6981775a2a22
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_armel.deb
Size/MD5 checksum: 220838 c303edbc05beebb5021928367c49cdc9
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_armel.deb
Size/MD5 checksum: 355852 d3382eaacdfb9f6c85b0ff68feade506

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_hppa.deb
Size/MD5 checksum: 236520 23c8272b8abd38f01079b0b6026864cf
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_hppa.deb
Size/MD5 checksum: 76920 d20fe4a5f04535145a1816db5a32df71
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_hppa.deb
Size/MD5 checksum: 379156 f0499c6fd090c1898de78c5976ca78b0

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_i386.deb
Size/MD5 checksum: 72948 2b409333b2ddfc6abac2c5e8a3fa4c52
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_i386.deb
Size/MD5 checksum: 326262 a12481a50bc8e4d3ca8d42114a109261
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_i386.deb
Size/MD5 checksum: 196632 929743d1597c465e4cf871698c8643a2

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_ia64.deb
Size/MD5 checksum: 274624 793a250f573b51eb3c236cceb1a1bfd5
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_ia64.deb
Size/MD5 checksum: 430950 d9c31e7271ec506ed8fb427c1428064a
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_ia64.deb
Size/MD5 checksum: 77798 984421618e44f369931120c39264ae45

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_mips.deb
Size/MD5 checksum: 214948 a0e0e337d7902d1ef6a2a289c673f872
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_mips.deb
Size/MD5 checksum: 381394 099c34ac8b3251378b923078d8b1b863
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_mips.deb
Size/MD5 checksum: 75114 51ff1f2c3b21029e6b3f023756ae7f69

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_mipsel.deb
Size/MD5 checksum: 379494 fc38dea8e6242b7b6562dff24a8fcdfd
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_mipsel.deb
Size/MD5 checksum: 215384 ca2207de85164e39282dd1c47c8a4dc2
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_mipsel.deb
Size/MD5 checksum: 74968 b305260d39f855ec6d5abc650072753e

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_powerpc.deb
Size/MD5 checksum: 362142 0a4bc9e2ca82e625114545bfa00ba442
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_powerpc.deb
Size/MD5 checksum: 212946 2a579d5238131e888a8608f28c8c1b4c
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_powerpc.deb
Size/MD5 checksum: 81158 9f00494a4f70a89e114c8f9c8e1f70e2

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_s390.deb
Size/MD5 checksum: 355712 f00055811535af5da4e6177e5641bb9a
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_s390.deb
Size/MD5 checksum: 220080 f0fa6c86da09f962c5ee0ed8783164ac
http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_s390.deb
Size/MD5 checksum: 75230 a2a5d37ef8bb4129eaf0d33dabce9e57

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.17-4+lenny2_sparc.deb
Size/MD5 checksum: 73614 d3cd01e6c95f41efa016fa1e470cb300
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.17-4+lenny2_sparc.deb
Size/MD5 checksum: 342854 adbc2be1b13fc19b709c5a300532d6c6
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.17-4+lenny2_sparc.deb
Size/MD5 checksum: 206250 f2971a5a5d4ac6ffde7c61257745d95e


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkozv60ACgkQHYflSXNkfP/NhgCgkY9naVwXzps37xOEAEXPKh03
YbgAmwSVkKF8BIfWhoqHYySdNUdZBakX
=dawU
-----END PGP SIGNATURE-----
"

This entry was posted on 8:55 PM .