Hi,

I've prepared an NMU to fix CVE-2009-1364 in oldstable, stable, and unstable.

Proposed trivial debdiffs are attached.

Cheers,
Giuseppe.
diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-2+etch1) oldstable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+    (Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano <giuse...@iuculano.it>  Wed, 06 May 2009 09:33:49 +0200
+
 libwmf (0.2.8.4-2) unstable; urgency=high
 
   * src/player.c: Fix integer overflow vulnerability.  [CVE-2006-3376]
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
        {       more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof 
(gdClipRectangle));
                if (more == 0) return;
                im->clip->max += 8;
+               im->clip->list = more;
        }
        im->clip->list[im->clip->count] = (*rect);
        im->clip->count++;
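Review bot: The size handed to gdRealloc, `(im->clip->max + 8) * sizeof (gdClipRectangle)`, is still computed with no overflow check, so the new `im->clip->list = more;` fixes the stale pointer but does not guarantee the block is as large as `max` claims. The type of `max` and the condition that triggers the growth are outside the hunk; if `max` is a non-negative int that parsed input can drive upward, a guard such as `if ((size_t) im->clip->max > SIZE_MAX / sizeof (gdClipRectangle) - 8) return;` before the call would keep the write at `list[count]` in bounds. The added line also deserves a comment, for example `/* gdRealloc may move the block; the old pointer is invalid once it succeeds */`, so the assignment is not dropped in a later cleanup. On the failure path `if (more == 0) return;` discards the rectangle without telling the caller, which is worth documenting on the function. The identical gd_clip.c hunks in the other two debdiffs (ending at L70 and L104) have the same points.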
diffstat for libwmf_0.2.8.4-6 libwmf_0.2.8.4-6+lenny1

 libwmf-0.2.8.4/debian/changelog |    8 ++++++++
 src/extra/gd/gd_clip.c          |    1 +
 2 files changed, 9 insertions(+)

diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-6.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+    (Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano <giuse...@iuculano.it>  Wed, 06 May 2009 09:19:49 +0200
+
 libwmf (0.2.8.4-6) unstable; urgency=low
 
   * Upload to unstable.
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
        {       more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof 
(gdClipRectangle));
                if (more == 0) return;
                im->clip->max += 8;
+               im->clip->list = more;
        }
        im->clip->list[im->clip->count] = (*rect);
        im->clip->count++;
diffstat for libwmf_0.2.8.4-6 libwmf_0.2.8.4-6+lenny1

 libwmf-0.2.8.4/debian/changelog |    8 ++++++++
 src/extra/gd/gd_clip.c          |    1 +
 2 files changed, 9 insertions(+)

diff -u libwmf-0.2.8.4/debian/changelog libwmf-0.2.8.4/debian/changelog
--- libwmf-0.2.8.4/debian/changelog
+++ libwmf-0.2.8.4/debian/changelog
@@ -1,3 +1,11 @@
+libwmf (0.2.8.4-6+lenny1) stable-security; urgency=high
+
+  * Non-maintainer upload.
+  * Fixed Use-after-free vulnerability in the embedded GD library
+    (Closes: #526434) (CVE-2009-1364)
+
+ -- Giuseppe Iuculano <giuse...@iuculano.it>  Wed, 06 May 2009 09:19:49 +0200
+
 libwmf (0.2.8.4-6) unstable; urgency=low
 
   * Upload to unstable.
only in patch2:
unchanged:
--- libwmf-0.2.8.4.orig/src/extra/gd/gd_clip.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c
@@ -70,6 +70,7 @@
        {       more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof 
(gdClipRectangle));
                if (more == 0) return;
                im->clip->max += 8;
+               im->clip->list = more;
        }
        im->clip->list[im->clip->count] = (*rect);
        im->clip->count++;

Attachment: signature.asc
Description: OpenPGP digital signature
