Linux Security
Linux Security
Linux Security

Debian: window maker buffer overflow

Date 07 Nov 2002
Posted By LinuxSecurity Advisories
There is a problem in the image handling code use in Window Maker.

Debian Security Advisory DSA-190-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.                         Wichert Akkerman
November  7, 2002

Package        : wmaker
Problem type   : buffer overflow
Debian-specific: no

Al Viro found a problem in the image handling code use in Window Maker,
a popular NEXTSTEP like window manager. When creating an image it would
allocate a buffer by multiplying the image width and height, but did not
check for an overflow. This makes it possible to overflow the buffer.
This could be exploited by using specially crafted image files (for
example when previewing themes).

This has been fixed in version 0.80.0-4.1.


Obtaining updates:

  By hand:
    wget URL
        will fetch the file for you.
    dpkg -i FILENAME.deb
        will install the fetched file.

  With apt:
    deb stable/updates main
        added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security webpages


Debian GNU/Linux 3.0 alias woody

  Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel,
  powerpc, s390 and sparc. At this moment packages for mipsel are not yet

  Source archives:
      Size/MD5 checksum:  2452207 0768a12edff35cba82e769fcbc8de430
      Size/MD5 checksum:   323198 c1a49502d07e18044d2e1b579c7144fb
      Size/MD5 checksum:     1463 81ac44a6b0ea1dedc49834f35e5bfb51

  alpha architecture (DEC Alpha)
      Size/MD5 checksum:  2292278 015fa329febee7722ace1d233989c5b0
      Size/MD5 checksum:   448638 642310838f93352e6461ba73d28ad178
      Size/MD5 checksum:   124220 7614f26566c44ce413e5ca05e8f3e146
      Size/MD5 checksum:    60026 e74d2e084ac969d1ea7d349140d2721e
      Size/MD5 checksum:   108778 400114e0b4d35b37d573efee840e6e73

  arm architecture (ARM)
      Size/MD5 checksum:   340944 9d611e16b7b35ed5985f037a4f8f5635
      Size/MD5 checksum:   107852 23a35885f237a23b733ef105438761aa
      Size/MD5 checksum:  2068456 aa0f4630de38323faf835cf4f965b7fe
      Size/MD5 checksum:    59220 e334af4dad5edcc5cd1c1ac4e8cbefeb
      Size/MD5 checksum:    95684 3a468466a4223b14b8f3b43acab410de

  hppa architecture (HP PA RISC)
      Size/MD5 checksum:  2189302 ef8befcc5bba64f0599f082569d56958
      Size/MD5 checksum:   117434 10303109fd46a2e3b0dc54e422d73bc8
      Size/MD5 checksum:   104508 e7d881619da171e82a796aede8d71dba
      Size/MD5 checksum:    59880 26a96fa9a6422861ec56f2207e40dd92
      Size/MD5 checksum:   395706 9ca65c6d9892555c3b169e9fe96af82b

  i386 architecture (Intel ia32)
      Size/MD5 checksum:    58934 1e1ea0a1dbc7fbf0110aa729e98dd8ad
      Size/MD5 checksum:   100986 982412044d618f6d93e8b60f48016329
      Size/MD5 checksum:  2035984 0677927edc56824f2d38237c875ec76a
      Size/MD5 checksum:    93466 c7ff10540e773703762acc2c4b69a338
      Size/MD5 checksum:   305248 91159acc6ae18dbb5e53c3ac3cbfe765

  ia64 architecture (Intel ia64)
      Size/MD5 checksum:   133780 08e0e30df9f399ade6f6c6774b03069c
      Size/MD5 checksum:  2557644 91951626efc89ffc244391bd1d11256e
      Size/MD5 checksum:    61228 bd1adfd645260243a4ba046f61045534
      Size/MD5 checksum:   122830 0d7b69562e8c700f5ee78a1fed0047ec
      Size/MD5 checksum:   494558 e41935522601cc2e90e39d7393c346c9

  m68k architecture (Motorola Mc680x0)
      Size/MD5 checksum:    91402 1165b0a8fadf4e457df9e2603b01b98f
      Size/MD5 checksum:   293348 f07a355b3bb9c861c85fa748031e4ece
      Size/MD5 checksum:    58924 20fed2a566ffc90e1153a2140aafa1b6
      Size/MD5 checksum:    97888 bec514f995c629145171f6002399b18f
      Size/MD5 checksum:  1977478 b502aacb81c5a368cd1b506168758357

  mips architecture (MIPS (Big Endian))
      Size/MD5 checksum:   386242 f74242056c3371b73040b2e4f0ede9a4
      Size/MD5 checksum:    97494 1c3e38459edb247524ab8af00fbf46bd
      Size/MD5 checksum:  2169890 d42c7f5bf61b2a4f7972b5f2daf3ccb2
      Size/MD5 checksum:   113006 ec763a7c2f7122a8664ac316ec90a25b
      Size/MD5 checksum:    59998 0b046f3d3dc66851eb06dce2b39eeeaf

  powerpc architecture (PowerPC)
      Size/MD5 checksum:   110198 b048be171736c11d8460c5cb8bd70d9f
      Size/MD5 checksum:  2080496 9bc6d5cd6dc38cf4d807b7f19806120f
      Size/MD5 checksum:    59360 1bd0d211921282ce8b92b339b6a9c82f
      Size/MD5 checksum:   349716 97360ccc35c0ac9381408ba11171e480
      Size/MD5 checksum:    97058 45798aab8fd1548886971c9e1de8e986

  s390 architecture (IBM S/390)
      Size/MD5 checksum:  2054012 ea1f2c7c787421b75350253dfc02d204
      Size/MD5 checksum:   102970 57484d85388fca52b6434f3b502bbb58
      Size/MD5 checksum:    96718 7a6a6831c6cf76d0b6ac3f4f39c52280
      Size/MD5 checksum:   319682 07af4e4067aa1297746b65c6c396d781
      Size/MD5 checksum:    59216 b7ec2bb441654d68cf94d06c9f8fdcf9

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5 checksum:    59126 aab1f4783be8045398e09dcedba338a2
      Size/MD5 checksum:  2071848 8bd9945b9f8561a800a2cba18c8a0306
      Size/MD5 checksum:    95976 07cf420ca394c83595e906e5f8d21911
      Size/MD5 checksum:   105984 087137527a8c5ec0a8b6c8d23f2da17a
      Size/MD5 checksum:   329092 8a3594e3f6773274a2bf7adb628b5d04

Debian Security team <This email address is being protected from spambots. You need JavaScript enabled to view it.>
Mailing-List: This email address is being protected from spambots. You need JavaScript enabled to view it.


LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"50","type":"x","order":"1","pct":80.65,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.29,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.06,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.