Bug 523955 (CVE-2009-2905)

Summary: CVE-2009-2905 newt: heap-overflow in textbox when text reflowing
Product: [Other] Security Response Reporter: Miroslav Lichvar <mlichvar>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dmach, jlieskov, kreilly, mjc, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-10-05 06:57:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 524613, 524615, 524617, 524618, 524619    
Bug Blocks:    

Comment 1 Jan Lieskovsky 2009-09-18 17:52:14 UTC 
A heap-based buffer overflow flaw was found in the way newt processes
content that is to be displayed in a text dialog box. A local attacker
could issue a specially-crafted text dialog box display request (direct or
via a custom application), leading to a denial of service (application
crash) or, potentially, arbitrary code execution with the privileges of the
user running the application using the newt library.
Comment 13 Jan Lieskovsky 2009-09-24 14:06:21 UTC 
Public now via:

http://lists.debian.org/debian-security-announce/2009/msg00215.html
http://www.ubuntu.com/usn/USN-837-1
Comment 14 Fedora Update System 2009-09-24 14:32:33 UTC 
newt-0.52.10-2.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/newt-0.52.10-2.fc10
Comment 15 Fedora Update System 2009-09-24 14:32:36 UTC 
newt-0.52.10-4.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/newt-0.52.10-4.fc11
Comment 16 errata-xmlrpc 2009-09-24 19:21:49 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3
  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2009:1463 https://rhn.redhat.com/errata/RHSA-2009-1463.html
Comment 17 Fedora Update System 2009-09-25 20:14:47 UTC 
newt-0.52.10-2.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2009-09-25 20:15:39 UTC 
newt-0.52.10-4.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.