Security Advisory Moderate: libwmf security update

Advisory: RHSA-2009:0457-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-04-30
Last updated on: 2009-04-30
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux Long Life (v. 5.3 server)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-1364

Details

Updated libwmf packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

libwmf is a library for reading and converting Windows Metafile Format
(WMF) vector graphics. libwmf is used by applications such as GIMP and
ImageMagick.

A pointer use-after-free flaw was found in the GD graphics library embedded
in libwmf. An attacker could create a specially-crafted WMF file that, when
opened by a victim, would cause an application using libwmf to crash or,
potentially, execute arbitrary code as the user running the application.
(CVE-2009-1364)

Note: This flaw is specific to the GD graphics library embedded in libwmf.
It does not affect the GD graphics library from the "gd" packages, or
applications using it.

Red Hat would like to thank Tavis Ormandy of the Google Security Team for
responsibly reporting this flaw.

All users of libwmf are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, all applications using libwmf must be restarted for the update
to take effect.
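
The restart requirement above can be checked on a host once the update is installed. The following is an added example, not part of the Red Hat advisory: a shell function that scans /proc/<pid>/maps for libwmf mappings marked "(deleted)", which means the process is still running the library file that the update replaced. The sample tree (PIDs, process names, library paths) is constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the advisory): find processes that still map a
# libwmf shared object that has been replaced on disk by the update.

# stale_libwmf_pids [PROC_ROOT]  -> prints "PID NAME", one per line.
stale_libwmf_pids() {
    root=${1:-/proc}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # A mapping whose file was replaced is listed with " (deleted)".
        if grep -Eq '/libwmf[^/]*\.so[^/]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir=${maps%/maps}
            # /proc/<pid>/status carries the process name on its first line.
            name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null) || name='?'
            printf '%s %s\n' "${dir##*/}" "${name:-?}"
        fi
    done
}

# make_sample_proc DIR: constructed /proc-like tree (PIDs, names and library
# paths are invented sample data) so the check can be tried offline.
make_sample_proc() {
    mkdir -p "$1/101" "$1/202" "$1/303"
    # 101: started before the update, still maps the old libwmf.
    printf 'Name:\tgimp\n' > "$1/101/status"
    printf '%s\n' \
        '00a10000-00a3c000 r-xp 00000000 fd:00 4711 /usr/lib/libwmf-0.2.so.7.1.0 (deleted)' \
        '00a3c000-00a3e000 rw-p 0002b000 fd:00 4711 /usr/lib/libwmf-0.2.so.7.1.0 (deleted)' \
        > "$1/101/maps"
    # 202: started after the update, maps the file currently on disk.
    printf 'Name:\tconvert\n' > "$1/202/status"
    printf '%s\n' \
        '00b10000-00b3c000 r-xp 00000000 fd:00 4890 /usr/lib/libwmf-0.2.so.7.1.0' \
        > "$1/202/maps"
    # 303: maps a replaced library from the separate "gd" package, which
    # the advisory says is not affected; it must not be reported.
    printf 'Name:\tphp\n' > "$1/303/status"
    printf '%s\n' \
        '00c10000-00c4a000 r-xp 00000000 fd:00 5120 /usr/lib/libgd.so.2.0.0 (deleted)' \
        > "$1/303/maps"
}

demo=$(mktemp -d)
make_sample_proc "$demo"
stale_libwmf_pids "$demo"
rm -rf "$demo"
```

On a live system, run `stale_libwmf_pids` with no argument as root so that every process's maps file is readable, then restart the applications it lists.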


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
libwmf-0.2.8.4-10.2.src.rpm     MD5: 3605f6fd5db7e1194f824c2ecc752a21
 
IA-32:
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
 
x86_64:
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
libwmf-devel-0.2.8.4-10.2.x86_64.rpm     MD5: 5b24702802f137f003fe7402d2160d03
 
Red Hat Desktop (v. 4)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
libwmf-0.2.8.4-10.2.src.rpm     MD5: 3605f6fd5db7e1194f824c2ecc752a21
 
IA-32:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
 
IA-64:
libwmf-0.2.8.4-10.2.ia64.rpm     MD5: 0762881579bd14459f77da9c3f8967f6
libwmf-devel-0.2.8.4-10.2.ia64.rpm     MD5: 67b315784bbc70930595252d7232bc89
 
PPC:
libwmf-0.2.8.4-10.2.ppc.rpm     MD5: 7e9623053fc7db3965ee1fb90e134333
libwmf-0.2.8.4-10.2.ppc64.rpm     MD5: b5832244e4bc182771da079a14b3e1ad
libwmf-devel-0.2.8.4-10.2.ppc.rpm     MD5: 5fed14d123b11e38f60d704c1d430607
libwmf-devel-0.2.8.4-10.2.ppc64.rpm     MD5: 38b0ef88a5f7648201eec9b93d910c15
 
s390x:
libwmf-0.2.8.4-10.2.s390.rpm     MD5: 09153855a8494b0d4a1318a409b6f131
libwmf-0.2.8.4-10.2.s390x.rpm     MD5: 33f7a6b36cfdfa768d5927641bc5d1ce
libwmf-devel-0.2.8.4-10.2.s390.rpm     MD5: c7d218bec213847e17244c3e8689afed
libwmf-devel-0.2.8.4-10.2.s390x.rpm     MD5: 5ef14d3110000d10e8840620b7e41724
 
x86_64:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-0.2.8.4-10.2.x86_64.rpm     MD5: cd76872125524c573293ebc838d4b24f
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
libwmf-devel-0.2.8.4-10.2.x86_64.rpm     MD5: 5b24702802f137f003fe7402d2160d03
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
IA-64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.ia64.rpm     MD5: dfa33ec140491f5637c3b5c9e31327ed
libwmf-devel-0.2.8.3-5.8.ia64.rpm     MD5: 5f10cd6a137c946b1437c41bc4670e5f
 
PPC:
libwmf-0.2.8.3-5.8.ppc.rpm     MD5: 56c57e262cea763ecbbd1a84146b8a22
libwmf-0.2.8.3-5.8.ppc64.rpm     MD5: 07ee8695425e03bfeb1e43aaf1ad80f4
libwmf-devel-0.2.8.3-5.8.ppc.rpm     MD5: aa984e9aae6142f7442473657b78c65b
 
s390:
libwmf-0.2.8.3-5.8.s390.rpm     MD5: c45a338d6afff3018b56b5ba9adee485
libwmf-devel-0.2.8.3-5.8.s390.rpm     MD5: d6985a4e6f484a6626bb5d95306751fa
 
s390x:
libwmf-0.2.8.3-5.8.s390.rpm     MD5: c45a338d6afff3018b56b5ba9adee485
libwmf-0.2.8.3-5.8.s390x.rpm     MD5: 2dc689e47adfcbd83ed5adf82eb9c3fe
libwmf-devel-0.2.8.3-5.8.s390x.rpm     MD5: 98e94110c1d86530dfe03f2415d53503
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
IA-64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.ia64.rpm     MD5: dfa33ec140491f5637c3b5c9e31327ed
libwmf-devel-0.2.8.3-5.8.ia64.rpm     MD5: 5f10cd6a137c946b1437c41bc4670e5f
 
PPC:
libwmf-0.2.8.3-5.8.ppc.rpm     MD5: 56c57e262cea763ecbbd1a84146b8a22
libwmf-0.2.8.3-5.8.ppc64.rpm     MD5: 07ee8695425e03bfeb1e43aaf1ad80f4
libwmf-devel-0.2.8.3-5.8.ppc.rpm     MD5: aa984e9aae6142f7442473657b78c65b
 
s390:
libwmf-0.2.8.3-5.8.s390.rpm     MD5: c45a338d6afff3018b56b5ba9adee485
libwmf-devel-0.2.8.3-5.8.s390.rpm     MD5: d6985a4e6f484a6626bb5d95306751fa
 
s390x:
libwmf-0.2.8.3-5.8.s390.rpm     MD5: c45a338d6afff3018b56b5ba9adee485
libwmf-0.2.8.3-5.8.s390x.rpm     MD5: 2dc689e47adfcbd83ed5adf82eb9c3fe
libwmf-devel-0.2.8.3-5.8.s390x.rpm     MD5: 98e94110c1d86530dfe03f2415d53503
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
libwmf-0.2.8.4-10.2.src.rpm     MD5: 3605f6fd5db7e1194f824c2ecc752a21
 
IA-32:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
 
x86_64:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-0.2.8.4-10.2.x86_64.rpm     MD5: cd76872125524c573293ebc838d4b24f
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
IA-64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.ia64.rpm     MD5: dfa33ec140491f5637c3b5c9e31327ed
libwmf-devel-0.2.8.3-5.8.ia64.rpm     MD5: 5f10cd6a137c946b1437c41bc4670e5f
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
IA-64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.ia64.rpm     MD5: dfa33ec140491f5637c3b5c9e31327ed
libwmf-devel-0.2.8.3-5.8.ia64.rpm     MD5: 5f10cd6a137c946b1437c41bc4670e5f
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)

SRPMS:
libwmf-0.2.8.4-10.2.src.rpm     MD5: 3605f6fd5db7e1194f824c2ecc752a21
 
IA-32:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
 
IA-64:
libwmf-0.2.8.4-10.2.ia64.rpm     MD5: 0762881579bd14459f77da9c3f8967f6
libwmf-devel-0.2.8.4-10.2.ia64.rpm     MD5: 67b315784bbc70930595252d7232bc89
 
PPC:
libwmf-0.2.8.4-10.2.ppc.rpm     MD5: 7e9623053fc7db3965ee1fb90e134333
libwmf-0.2.8.4-10.2.ppc64.rpm     MD5: b5832244e4bc182771da079a14b3e1ad
libwmf-devel-0.2.8.4-10.2.ppc.rpm     MD5: 5fed14d123b11e38f60d704c1d430607
libwmf-devel-0.2.8.4-10.2.ppc64.rpm     MD5: 38b0ef88a5f7648201eec9b93d910c15
 
s390x:
libwmf-0.2.8.4-10.2.s390.rpm     MD5: 09153855a8494b0d4a1318a409b6f131
libwmf-0.2.8.4-10.2.s390x.rpm     MD5: 33f7a6b36cfdfa768d5927641bc5d1ce
libwmf-devel-0.2.8.4-10.2.s390.rpm     MD5: c7d218bec213847e17244c3e8689afed
libwmf-devel-0.2.8.4-10.2.s390x.rpm     MD5: 5ef14d3110000d10e8840620b7e41724
 
x86_64:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-0.2.8.4-10.2.x86_64.rpm     MD5: cd76872125524c573293ebc838d4b24f
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
libwmf-devel-0.2.8.4-10.2.x86_64.rpm     MD5: 5b24702802f137f003fe7402d2160d03
 
Red Hat Enterprise Linux Long Life (v. 5.3 server)

SRPMS:
libwmf-0.2.8.4-10.2.src.rpm     MD5: 3605f6fd5db7e1194f824c2ecc752a21
 
IA-32:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
 
IA-64:
libwmf-0.2.8.4-10.2.ia64.rpm     MD5: 0762881579bd14459f77da9c3f8967f6
libwmf-devel-0.2.8.4-10.2.ia64.rpm     MD5: 67b315784bbc70930595252d7232bc89
 
x86_64:
libwmf-0.2.8.4-10.2.i386.rpm     MD5: f64f955abb4545f1def1a7b3d9d47afa
libwmf-0.2.8.4-10.2.x86_64.rpm     MD5: cd76872125524c573293ebc838d4b24f
libwmf-devel-0.2.8.4-10.2.i386.rpm     MD5: 4ec96890526e66a36a4ebecf68f27eaa
libwmf-devel-0.2.8.4-10.2.x86_64.rpm     MD5: 5b24702802f137f003fe7402d2160d03
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
libwmf-0.2.8.3-5.8.src.rpm     MD5: 64ad21388f35a71cd216dc182de1213e
 
IA-32:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-devel-0.2.8.3-5.8.i386.rpm     MD5: 6ba2b2721a32ebb56d3d351929fd4299
 
IA-64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.ia64.rpm     MD5: dfa33ec140491f5637c3b5c9e31327ed
libwmf-devel-0.2.8.3-5.8.ia64.rpm     MD5: 5f10cd6a137c946b1437c41bc4670e5f
 
x86_64:
libwmf-0.2.8.3-5.8.i386.rpm     MD5: ad2cafb36c6a5fa33efd2dbf6c2383c4
libwmf-0.2.8.3-5.8.x86_64.rpm     MD5: 4195959292ddaf8881f581fc0e98671e
libwmf-devel-0.2.8.3-5.8.x86_64.rpm     MD5: 1ddc62edcf63b3669f26f77014e50598
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

496864 - EMBARGOED CVE-2009-1364 libwmf: embedded gd use-after-free error


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/