安全研究
安全漏洞
LibWPD库多个缓冲区溢出漏洞
发布日期:2007-03-16
更新日期:2007-03-19
受影响系统:
libwpd libwpd 0.8.7不受影响系统:
libwpd libwpd 0.8.9描述:
BUGTRAQ ID: 23006
CVE(CAN) ID: CVE-2007-0002
libwpd是用于读取和转换Word Perfect文档的函数库。
libwpd处理畸形文档中的字段值时存在漏洞,远程攻击者可能利用这些漏洞通过诱使用户打开恶意文档执行控制用户机器。
libwpd的WP6GeneralTextPacket::_readContents函数从用户提供的文档中读取一系列的整数值并求和,然后使用得到的和从堆中分配内存块,最后将上述加法得到的运算数用作拷贝的字节数,将文件中的数据拷贝到缓冲区。求和操作可能导致整数溢出,在拷贝操作中溢出缓冲区。
WP3TablesGroup::_readContents()和WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup()函数中存在另外两个缓冲区溢出。这些函数从攻击者提供的文件中读取整数值并将其用作了循环计数器,在循环中文件中的任意数据会充满静态大小的缓冲区,这可能导致堆溢出。
<*来源:Sean Larsson
链接:http://secunia.com/advisories/24507/
http://sourceforge.net/project/shownotes.php?release_id=494122
http://lwn.net/Alerts/226453/?format=printable
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490
http://www.debian.org/security/2007/dsa-1268
http://www.debian.org/security/2007/dsa-1270
http://security.gentoo.org/glsa/glsa-200704-07.xml
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1268-1)以及相应补丁:
DSA-1268-1:New libwpd packages fix arbitrary code execution
链接:http://www.debian.org/security/2007/dsa-1268
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1-1sarge1.dsc
Size/MD5 checksum: 771 3f766aab2c2c0ff76feb561e51e17350
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1-1sarge1.diff.gz
Size/MD5 checksum: 12523 9cd210c306a22900d77afbc3e62b3557
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.1.orig.tar.gz
Size/MD5 checksum: 487187 75eabcc479c23461715ee58813c4b9b5
Architecture independent components:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-doc_0.8.1-1sarge1_all.deb
Size/MD5 checksum: 523184 0c9bfe4ac1b79688d408b1685246138e
Alpha architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_alpha.deb
Size/MD5 checksum: 10200 8457ae23ea4638ecbf774198676e62b6
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_alpha.deb
Size/MD5 checksum: 25800 94c9d4fd23fdac66ddf368e74761690e
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_alpha.deb
Size/MD5 checksum: 148594 8af570673eddd1d436eb0befb40b5ef9
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_alpha.deb
Size/MD5 checksum: 286542 b7aae6d0dc6f3f3618e2613d3136c456
AMD64 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_amd64.deb
Size/MD5 checksum: 9998 076ff186f2150afd40318ac9b0764cfe
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_amd64.deb
Size/MD5 checksum: 24214 1c75a6141ca3e9b5c9247cad1994a814
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_amd64.deb
Size/MD5 checksum: 137528 c804cc0ebc56eae0b4af35aac2b8dce2
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_amd64.deb
Size/MD5 checksum: 231074 785d0bbf7fc34e7a592843145d55520f
ARM architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_arm.deb
Size/MD5 checksum: 9872 502b16e468b369c865f68036651f25c8
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_arm.deb
Size/MD5 checksum: 21736 3c8862d95e911fa3e96527def67271a9
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_arm.deb
Size/MD5 checksum: 134440 cae03d0c40607eb2e09abe3a7aafdc9f
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_arm.deb
Size/MD5 checksum: 233142 9c9bf1780e7337a6e3c68ed2fcecf052
HP Precision architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_hppa.deb
Size/MD5 checksum: 11058 cc181a60e7d528ca531b2967bebd29ff
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_hppa.deb
Size/MD5 checksum: 29762 236721a143d8514e1d961c1570664a0f
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_hppa.deb
Size/MD5 checksum: 174812 9531c09294d4450e77dc0052a5b6cb04
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_hppa.deb
Size/MD5 checksum: 279294 ff3c8c3de9a022800ded706689ec8836
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_i386.deb
Size/MD5 checksum: 10026 00485b49a64aae9ed740c9e96950ac8d
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_i386.deb
Size/MD5 checksum: 22270 0aaf3a1bb22e2f36b0453427624f8969
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_i386.deb
Size/MD5 checksum: 136908 7d292c35afaf60afed2e48bb4d9ee868
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_i386.deb
Size/MD5 checksum: 207326 d17cc1d4c5d1037101406d779c356d98
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_ia64.deb
Size/MD5 checksum: 10740 0d4bf0491e1381445d32d6bd160d8027
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_ia64.deb
Size/MD5 checksum: 27462 b843522c4ae730396105e1e9767892ff
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_ia64.deb
Size/MD5 checksum: 170570 669bc512e8b0b7d505dfa9e02e0a143a
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_ia64.deb
Size/MD5 checksum: 295760 9f4cb18cb0aed793cbbbc23f808c42ad
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_m68k.deb
Size/MD5 checksum: 9968 35a988b3e490e93a74660a1f0020db8e
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_m68k.deb
Size/MD5 checksum: 22118 c23646d329c8249288aef84436e2b9b0
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_m68k.deb
Size/MD5 checksum: 140948 33d9c7174e8a346a51a12cb647399527
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_m68k.deb
Size/MD5 checksum: 209136 ceb11528b73d57f0cbb9044342001cd0
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_mips.deb
Size/MD5 checksum: 10104 be82812ff5400c9329a5938b67eb6c37
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_mips.deb
Size/MD5 checksum: 30276 35143930c168ad6397b1b01d50325026
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_mips.deb
Size/MD5 checksum: 139382 f1557a9c1c6962aab325796ef37f8849
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_mips.deb
Size/MD5 checksum: 248506 23a666ff4266b28f8c5ab4f7658aab02
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_mipsel.deb
Size/MD5 checksum: 10070 512bb984826f6424f80ff7bff44c93f3
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_mipsel.deb
Size/MD5 checksum: 30202 1576ec10b2d297693913d1254ef96604
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_mipsel.deb
Size/MD5 checksum: 136904 2f528dce35c846821b6086066967f219
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_mipsel.deb
Size/MD5 checksum: 248322 b4a6b760abe30451a895849d6d86a65d
PowerPC architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_powerpc.deb
Size/MD5 checksum: 11616 d8d4befd6855e1465b5305e5a20b93ed
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_powerpc.deb
Size/MD5 checksum: 26246 4fa85b02724acc19956f7047b17fee64
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_powerpc.deb
Size/MD5 checksum: 137578 dc90962ee81a457fd0005f47b0b96c10
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_powerpc.deb
Size/MD5 checksum: 230316 35d7130230ac12252b606c90cb4860db
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_s390.deb
Size/MD5 checksum: 10180 856f4717355f3c4f4f1fb7dee2e9d128
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_s390.deb
Size/MD5 checksum: 22328 6bed646d70f0e9feaf6129dacf3a9449
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_s390.deb
Size/MD5 checksum: 143784 fa63e898473a222474c18b3ea2d4dc50
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_s390.deb
Size/MD5 checksum: 217986 46048a986e63b0d9d9284c799f78c1aa
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8_0.8.1-1sarge1_sparc.deb
Size/MD5 checksum: 9818 720a37bad0cd91e3ec6d14cefcd9c958
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.1-1sarge1_sparc.deb
Size/MD5 checksum: 21674 ee05542851e46f301c23b180f81f2406
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8_0.8.1-1sarge1_sparc.deb
Size/MD5 checksum: 132612 8dbfec10e2b76e1fef4059974092f71a
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.1-1sarge1_sparc.deb
Size/MD5 checksum: 215498 d15c4abe071d75845e007f3097d871d0
Debian GNU/Linux pre4.0 alias etch
- ----------------------------------
Source archives:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.7-6.dsc
Size/MD5 checksum: 797 6f9e883be6ffcba95eb6f57d30811fdc
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.7-6.diff.gz
Size/MD5 checksum: 13404 78c0ab2ad3db3413378f11cf471e2624
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd_0.8.7.orig.tar.gz
Size/MD5 checksum: 564750 99216fb67846e24aa75a26e246797de2
Architecture independent components:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-doc_0.8.7-6_all.deb
Size/MD5 checksum: 1035252 2a7f0b64dcc7bee432e78f49f40a1201
Alpha architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_alpha.deb
Size/MD5 checksum: 13074 3ded91ea5808da67788fb9c7dbc3bbe6
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_alpha.deb
Size/MD5 checksum: 28200 df5b03fc78672da3d80408d6087f10cb
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_alpha.deb
Size/MD5 checksum: 467046 3b4382d158cb375958165607be24f70d
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_alpha.deb
Size/MD5 checksum: 219884 56a6528e533371305d7a363180b6ad61
AMD64 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_amd64.deb
Size/MD5 checksum: 12896 5fe29efcfd12c3477851f0de1b2cbc53
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_amd64.deb
Size/MD5 checksum: 26502 b2ae0cc83a1abdb573eb65c9c8e0f395
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_amd64.deb
Size/MD5 checksum: 367742 c2ee53bb4545df4b1a38e99f264bfb5a
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_amd64.deb
Size/MD5 checksum: 191446 a787f47bfed50163e148a0c3a3799bd5
ARM architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_arm.deb
Size/MD5 checksum: 12836 26802ef2acdae48110bbf204a231e7f4
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_arm.deb
Size/MD5 checksum: 25368 03b3b9e78b05e82cc3e5e18f3a1ab318
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_arm.deb
Size/MD5 checksum: 351942 636c08b9a5b2b56a28fcb8b004b66500
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_arm.deb
Size/MD5 checksum: 193494 b8edee888b55855f37800b3a12903003
HP Precision architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_hppa.deb
Size/MD5 checksum: 13804 e734d3b41e84f6ef9cc8622a854eee0a
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_hppa.deb
Size/MD5 checksum: 29964 45d54228e1563d146643e0e6ac2f6a2d
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_hppa.deb
Size/MD5 checksum: 400904 10d70ca7146503fdbae4b675c8a812ca
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_hppa.deb
Size/MD5 checksum: 234590 ef54a8d32e1d59dbd4633f62a3afadec
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_i386.deb
Size/MD5 checksum: 12982 79f6ce15f129b7d1188f6af2cc3904f7
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_i386.deb
Size/MD5 checksum: 25124 92ca8c01adf06cd0fa6945560b10ea2f
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_i386.deb
Size/MD5 checksum: 327446 0946788c4a5eb29e3592ca0dff0679a4
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_i386.deb
Size/MD5 checksum: 197762 f8c7aae8a1401fa280ec3e832336dd38
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_ia64.deb
Size/MD5 checksum: 13858 f0574ebd6255fd8c9ff745b2f5b735f5
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_ia64.deb
Size/MD5 checksum: 30978 e2a9769d017b11072453ae2ff3dea551
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_ia64.deb
Size/MD5 checksum: 490186 f2f5ac3785a18df3ed824a5527133edf
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_ia64.deb
Size/MD5 checksum: 251708 cc0974d3805985f3cec78c92d07eec6b
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_m68k.deb
Size/MD5 checksum: 12944 9099c229ff5c113df5a4cdcee52ffd9f
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_m68k.deb
Size/MD5 checksum: 25704 cbf24d105591c2a98b20d704521a2f6a
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_m68k.deb
Size/MD5 checksum: 327430 682520c75b4d7ee06000bb9239eff8c9
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_m68k.deb
Size/MD5 checksum: 195092 1ad0cffe8f6dfb4c17321e02c9f2084a
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_mips.deb
Size/MD5 checksum: 12962 bb7dfe0b777a3bcd49f0aa9ba55a9cb5
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_mips.deb
Size/MD5 checksum: 29260 cb04a62fa6786e7bc4dfd21661943747
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_mips.deb
Size/MD5 checksum: 377706 cfd1297cc4f8b9f026fe0fa63fae1d56
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_mips.deb
Size/MD5 checksum: 194152 6149d062125d1a3ba1647abef1390b1f
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_mipsel.deb
Size/MD5 checksum: 13004 f639ad59d49220a46a08cdec85ca155b
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_mipsel.deb
Size/MD5 checksum: 29044 673970ac4663da5a41b95e06590622ba
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_mipsel.deb
Size/MD5 checksum: 378068 00c585441e3685c3318c97580de23689
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_mipsel.deb
Size/MD5 checksum: 197980 bbae69e8df2f40fb3d8b6c4a7d76e391
PowerPC architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_powerpc.deb
Size/MD5 checksum: 14622 71fe53e83f101d68ffdb9558eec20347
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_powerpc.deb
Size/MD5 checksum: 28998 8bd6831b3091ee3332ceeb7fa1b69374
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_powerpc.deb
Size/MD5 checksum: 366262 48d139c2b5cf104a7c91ddf827502d8b
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_powerpc.deb
Size/MD5 checksum: 205594 04f0d587446c51e8d0a536f0906b9de2
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_s390.deb
Size/MD5 checksum: 13098 6af6afb74c69cd1c0bcbf9ede7fab8ef
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_s390.deb
Size/MD5 checksum: 25676 de96d7b1af6c46ed7d027732ab9932d4
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_s390.deb
Size/MD5 checksum: 344852 0621ce2cfa6de3c0bfb22c36fd60e7a4
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_s390.deb
Size/MD5 checksum: 198886 3edde045e28fb1098864844878100fe7
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-stream8c2a_0.8.7-6_sparc.deb
Size/MD5 checksum: 12720 02eb2ba67c2e339c70217f49d41cbfb5
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd-tools_0.8.7-6_sparc.deb
Size/MD5 checksum: 23938 f18315282988805c031322ab10fa2605
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8-dev_0.8.7-6_sparc.deb
Size/MD5 checksum: 306808 271b0cd958370b8a03ddddc7c2d76979
http://security.debian.org/pool/updates/main/libw/libwpd/libwpd8c2a_0.8.7-6_sparc.deb
Size/MD5 checksum: 186788 5a8ebcafca2d6a877bfa13bdb65dfda2
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2007:0055-01)以及相应补丁:
RHSA-2007:0055-01:Important: libwpd security update
链接:http://lwn.net/Alerts/226453/?format=printable
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200704-07)以及相应补丁:
GLSA-200704-07:libwpd: Multiple vulnerabilities
链接:http://security.gentoo.org/glsa/glsa-200704-07.xml
所有libwpd用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/libwpd-0.8.9"
libwpd
------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://prdownloads.sourceforge.net/libwpd/libwpd-0.8.9.tar.gz?download
浏览次数:3789
严重程度:0(网友投票)
绿盟科技给您安全的保障