Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0322 -- [Win][UNIX/Linux][Debian]
New exiftags packages fix several vulnerabilities
2 April 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: exiftags
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
Debian GNU/Linux 3.1
UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Execute Arbitrary Code/Commands
Denial of Service
Access: Remote/Unauthenticated
CVE Names: CVE-2007-6356 CVE-2007-6355 CVE-2007-6354
Original Bulletin: http://www.debian.org/security/2008/dsa-1533
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that
administrators running exiftags check for an updated version of
the software for their operating system.
Revision History: April 2 2008: Added patches for Debian 3.1
March 28 2008: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1533-2 security@debian.org
http://www.debian.org/security/ Devin Carraway
April 01, 2008 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : exiftags
Vulnerability : insufficient input sanitizing
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2007-6354 CVE-2007-6355 CVE-2007-6356
Debian Bug : 457062
Christian Schmid and Meder Kydyraliev (Google Security) discovered a
number of vulnerabilities in exiftags, a utility for extracting EXIF
metadata from JPEG images. This update merely adds the packages for
Debian 3.1 sarge (oldstable) which were missing in the previous DSA.
The Common Vulnerabilities and Exposures project identified the
following three problems:
CVE-2007-6354
Inadequate EXIF property validation could lead to invalid memory
accesses if executed on a maliciously crafted image, potentially
including heap corruption and the execution of arbitrary code.
CVE-2007-6355
Flawed data validation could lead to integer overflows, causing
other invalid memory accesses, also with the potential for memory
corruption or arbitrary code execution.
CVE-2007-6356
Cyclical EXIF image file directory (IFD) references could cause
a denial of service (infinite loop).
For the stable distribution (etch), these problems have been fixed in
version 0.98-1.1+etch1.
For the oldstable distribution (sarge), these problems have been fixed
in version 0.98-1.1+0sarge1.
For the unstable distribution (sid), these problems have been fixed in
version 1.01-0.1.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1.diff.gz
Size/MD5 checksum: 5131 3baa30a42f531580a502a3f3818ead56
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98.orig.tar.gz
Size/MD5 checksum: 50195 5a8a4057c4dac1d765da5f9ef4527bdf
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1.dsc
Size/MD5 checksum: 873 b85e0a4a382cac6a844af52e42c670bb
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_alpha.deb
Size/MD5 checksum: 63406 d4b9ee67dcfb07ef1bc6ab143bd50496
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_amd64.deb
Size/MD5 checksum: 56656 83688a1b3ec9c359a734f04bb985350d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_arm.deb
Size/MD5 checksum: 56064 eb60a8336c020a588458bb07fb57c1bc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_hppa.deb
Size/MD5 checksum: 59824 be52ea467c6651b65a371895948005b4
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_i386.deb
Size/MD5 checksum: 52514 1850fa2d6b54fe1029553605509ef7cf
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_ia64.deb
Size/MD5 checksum: 76252 ce03fb64e959c8a2f24ad3744ca80fd5
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_m68k.deb
Size/MD5 checksum: 53120 8c98a08982680a42e1c6aab585faf487
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_mips.deb
Size/MD5 checksum: 60736 14cbe8b15c5260b969961cf4107da991
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_mipsel.deb
Size/MD5 checksum: 60040 3bdbbf546125a75c00800cb4039b25ab
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_powerpc.deb
Size/MD5 checksum: 54812 8d33fe8cb068bf1f02ce0c4a8cd3c8d0
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+0sarge1_s390.deb
Size/MD5 checksum: 58208 9e7eeadcaefc2fe90aa11ece173348e2
Debian GNU/Linux 4.0 alias etch
- - -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1.dsc
Size/MD5 checksum: 577 7b8743189acd9b4c0a7a25cabb5b753d
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1.diff.gz
Size/MD5 checksum: 5128 2f82244bd73046f31b07e77a7381dd15
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98.orig.tar.gz
Size/MD5 checksum: 50195 5a8a4057c4dac1d765da5f9ef4527bdf
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_alpha.deb
Size/MD5 checksum: 62970 e481f4f8ce70b25a648a2d3678d48e07
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_amd64.deb
Size/MD5 checksum: 57924 a5a6906e8d05beeffc763379a9c45ba2
arm architecture (ARM)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_arm.deb
Size/MD5 checksum: 56278 b06bf3f7722f034096719c7153fae5bd
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_i386.deb
Size/MD5 checksum: 52558 ceed89333fd99a11d26765390ae35871
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_ia64.deb
Size/MD5 checksum: 75164 ca893189af6fe68536774bac7dd357a1
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_mips.deb
Size/MD5 checksum: 61010 a5415b5fb389903c20c431a245fcb3fb
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_mipsel.deb
Size/MD5 checksum: 60064 2961a652e3cb269a0671fe2281b2f017
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_powerpc.deb
Size/MD5 checksum: 54734 23a4389bb781e0a054c1687986ac1b1a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_s390.deb
Size/MD5 checksum: 58988 38bf328294b2afe633ef99a5b97f3f1e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/e/exiftags/exiftags_0.98-1.1+etch1_sparc.deb
Size/MD5 checksum: 56132 d2e1cd3190fe528527beaacc2ef6be3f
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR/HphGz0hbPcukPfAQIMhwgAlfBtUv2OIG9pd6b26OpGwV2zzXL7J23s
TCokCtRNFuzH/KhWIN/c1j8N9sZda6EwsKSQtP7VIsGFCOW0iSOMcnf5uxHnP2kl
m9+pPNn+HOBnqEU3Mj4f74rmpV/7d5yBnn20ap8IwGVjoYIqYJcPFnQrFEuNfFYY
tOaP+M74btA9eINtvx2f9HpVnjyMcM9DpVhhvU+yu52sOWvNYtLL9WqakvUI74CF
OcjpnHnLgWmcp6t++m2GpIj4YmsupWSJED6HhQDU+KphJTH89EnyFoDlj5Oyu8fL
ax+JH27yqvy1b9M0TvLpV18ewPM6fCBdy9kvLDgOrbGh0N/WqzhbfQ==
=qSYx
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR/Llmih9+71yA2DNAQJ5UgP+MXi8jlOw/5qQn4b8jp1a5FS3tqrsSmbg
7jUDAeuMAutarxsi+JMvNGxELG/9FTypWrl1euIeGKpkt4doNdIcfTQtkENPJdkU
qFWRuFacbTHZazRwWcg4x+1m+Y6TW9/ap/PnU7ZNTrPOAmHXeV6Nz/oZxFNckBq1
o1v90fWSKfw=
=xtsg
-----END PGP SIGNATURE-----