Security Advisory Important: speex security update

Advisory: RHSA-2008:0235-4
Type: Security Advisory
Severity: Important
Issued on: 2008-04-16
Last updated on: 2008-04-16
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20080235.xml
CVEs (cve.mitre.org): CVE-2008-1686

Details

Updated speex packages that fix a security issue are now available for Red
Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Speex is a patent-free compression format designed especially for speech.
The Speex package contains a library for handling Speex files and sample
encoder and decoder implementations using this library.

The Speex library was found to not properly validate input values read from
the Speex files headers. An attacker could create a malicious Speex file
that would crash an application or, possibly, allow arbitrary code
execution with the privileges of the application calling the Speex library.
(CVE-2008-1686)

All users of speex are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
IA-32:
speex-devel-1.0.5-4.el5_1.1.i386.rpm     de7b31841265dceb0194a29b43600a0f
 
x86_64:
speex-devel-1.0.5-4.el5_1.1.i386.rpm     de7b31841265dceb0194a29b43600a0f
speex-devel-1.0.5-4.el5_1.1.x86_64.rpm     90598b4597e624b29b6447c5e03a4701
 
Red Hat Desktop (v. 4)
SRPMS:
speex-1.0.4-4.el4_6.1.src.rpm     0569bc09963ac90cc81ab477b94d5cdb
 
IA-32:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-devel-1.0.4-4.el4_6.1.i386.rpm     a3af80221e3ed856efbb1b98860d5fc4
 
x86_64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.x86_64.rpm     46daa064f7f708d20bffac8290fadf4c
speex-devel-1.0.4-4.el4_6.1.x86_64.rpm     2b80106aa0fb2a4a6d4dd239209aee71
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
speex-1.0.5-4.el5_1.1.src.rpm     bf3661e73017a6b54e8b629e257ea028
 
IA-32:
speex-1.0.5-4.el5_1.1.i386.rpm     2360abba1923b59b76939c513c98187c
speex-devel-1.0.5-4.el5_1.1.i386.rpm     de7b31841265dceb0194a29b43600a0f
 
IA-64:
speex-1.0.5-4.el5_1.1.ia64.rpm     b0113d1eeb3a07635ef0ad463c3a5ff9
speex-devel-1.0.5-4.el5_1.1.ia64.rpm     2b4e8504cf2590b9d9b5724eb92bdde4
 
PPC:
speex-1.0.5-4.el5_1.1.ppc.rpm     794d4c083965ea9b30c12768d12e9383
speex-1.0.5-4.el5_1.1.ppc64.rpm     b63a2763f9ded78014eea1ddbdfa2abe
speex-devel-1.0.5-4.el5_1.1.ppc.rpm     c0df12cad280c7d1984b4860ce34e2f8
speex-devel-1.0.5-4.el5_1.1.ppc64.rpm     b0fdf703a4c460389e243e24ac1efbab
 
s390x:
speex-1.0.5-4.el5_1.1.s390.rpm     ca3d6fbfadb8c97bc77ccd6c05e0c76e
speex-1.0.5-4.el5_1.1.s390x.rpm     c9b763abb4d99260d1d179e8a3be6474
speex-devel-1.0.5-4.el5_1.1.s390.rpm     2398dab7f9fdfe54c24b2964c235a138
speex-devel-1.0.5-4.el5_1.1.s390x.rpm     31d521fa54360aaaa9e173d879e9b51e
 
x86_64:
speex-1.0.5-4.el5_1.1.i386.rpm     2360abba1923b59b76939c513c98187c
speex-1.0.5-4.el5_1.1.x86_64.rpm     0af19186d828489ca323b05a6297c45b
speex-devel-1.0.5-4.el5_1.1.i386.rpm     de7b31841265dceb0194a29b43600a0f
speex-devel-1.0.5-4.el5_1.1.x86_64.rpm     90598b4597e624b29b6447c5e03a4701
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
speex-1.0.4-4.el4_6.1.src.rpm     0569bc09963ac90cc81ab477b94d5cdb
 
IA-32:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-devel-1.0.4-4.el4_6.1.i386.rpm     a3af80221e3ed856efbb1b98860d5fc4
 
IA-64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.ia64.rpm     f3d8b9563ec89805ecd34a7bec593f5a
speex-devel-1.0.4-4.el4_6.1.ia64.rpm     7d7ca9dc6cf9163673aa967045fae396
 
PPC:
speex-1.0.4-4.el4_6.1.ppc.rpm     3eef98b41f28c83e0c7677a265d71f54
speex-1.0.4-4.el4_6.1.ppc64.rpm     9991a64d4c66902a1c1c33864cefd392
speex-devel-1.0.4-4.el4_6.1.ppc.rpm     9ecf3fd30881497a7f225113233d0df9
 
s390:
speex-1.0.4-4.el4_6.1.s390.rpm     baaa440346a67dcf9e0b4c7481f27aa6
speex-devel-1.0.4-4.el4_6.1.s390.rpm     57b3e8a3efb40736e70a3a92acd4b395
 
s390x:
speex-1.0.4-4.el4_6.1.s390.rpm     baaa440346a67dcf9e0b4c7481f27aa6
speex-1.0.4-4.el4_6.1.s390x.rpm     303afbd764a015caa30b0eb22d3f77ed
speex-devel-1.0.4-4.el4_6.1.s390x.rpm     56e2ab2e4ae5ec9edc9118dc71b0c397
 
x86_64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.x86_64.rpm     46daa064f7f708d20bffac8290fadf4c
speex-devel-1.0.4-4.el4_6.1.x86_64.rpm     2b80106aa0fb2a4a6d4dd239209aee71
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
speex-1.0.5-4.el5_1.1.src.rpm     bf3661e73017a6b54e8b629e257ea028
 
IA-32:
speex-1.0.5-4.el5_1.1.i386.rpm     2360abba1923b59b76939c513c98187c
 
x86_64:
speex-1.0.5-4.el5_1.1.i386.rpm     2360abba1923b59b76939c513c98187c
speex-1.0.5-4.el5_1.1.x86_64.rpm     0af19186d828489ca323b05a6297c45b
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
speex-1.0.4-4.el4_6.1.src.rpm     0569bc09963ac90cc81ab477b94d5cdb
 
IA-32:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-devel-1.0.4-4.el4_6.1.i386.rpm     a3af80221e3ed856efbb1b98860d5fc4
 
IA-64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.ia64.rpm     f3d8b9563ec89805ecd34a7bec593f5a
speex-devel-1.0.4-4.el4_6.1.ia64.rpm     7d7ca9dc6cf9163673aa967045fae396
 
x86_64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.x86_64.rpm     46daa064f7f708d20bffac8290fadf4c
speex-devel-1.0.4-4.el4_6.1.x86_64.rpm     2b80106aa0fb2a4a6d4dd239209aee71
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
speex-1.0.4-4.el4_6.1.src.rpm     0569bc09963ac90cc81ab477b94d5cdb
 
IA-32:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-devel-1.0.4-4.el4_6.1.i386.rpm     a3af80221e3ed856efbb1b98860d5fc4
 
IA-64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.ia64.rpm     f3d8b9563ec89805ecd34a7bec593f5a
speex-devel-1.0.4-4.el4_6.1.ia64.rpm     7d7ca9dc6cf9163673aa967045fae396
 
x86_64:
speex-1.0.4-4.el4_6.1.i386.rpm     a10e6dbaafc06c4041821ccd5b5f1a29
speex-1.0.4-4.el4_6.1.x86_64.rpm     46daa064f7f708d20bffac8290fadf4c
speex-devel-1.0.4-4.el4_6.1.x86_64.rpm     2b80106aa0fb2a4a6d4dd239209aee71
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

441239 - CVE-2008-1686 speex, libfishsound: insufficient boundary checks


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/