[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20041022025955.15641.qmail@updates.mandrakesoft.com>
Date: 22 Oct 2004 02:59:55 -0000
From: Mandrake Linux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2004:115 - Updated kdegraphics packages fix DoS vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: kdegraphics
Advisory ID: MDKSA-2004:115
Date: October 21st, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package,
which also effect software using embedded xpdf code, such as kpdf:
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0.
Also programs like kpdf which have embedded versions of xpdf.
These can result in writing an arbitrary byte to an attacker controlled
location which probably could lead to arbitrary code execution.
The updated packages are patched to protect against these
vulnerabilities.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
54d34901667194a884990df8fceda44c 10.0/RPMS/kdegraphics-3.2-15.2.100mdk.i586.rpm
c4393b2bef8977690eccc8ed51a8efca 10.0/RPMS/kdegraphics-common-3.2-15.2.100mdk.i586.rpm
edbbe2c21d81f8677f16c2956a06009c 10.0/RPMS/kdegraphics-kdvi-3.2-15.2.100mdk.i586.rpm
b69407bdd8d350da7173f517f2f7d51e 10.0/RPMS/kdegraphics-kfax-3.2-15.2.100mdk.i586.rpm
cd077849e2865034b3610c9235d53819 10.0/RPMS/kdegraphics-kghostview-3.2-15.2.100mdk.i586.rpm
3de0a548d73689a892d48a85406b8367 10.0/RPMS/kdegraphics-kiconedit-3.2-15.2.100mdk.i586.rpm
1d4eaaa7b4a47343b05004d4fc023988 10.0/RPMS/kdegraphics-kooka-3.2-15.2.100mdk.i586.rpm
60f70cd8d5980f74ca000903a1d71771 10.0/RPMS/kdegraphics-kpaint-3.2-15.2.100mdk.i586.rpm
7176f1ebb79391b5fcc3d68941dccb35 10.0/RPMS/kdegraphics-kpdf-3.2-15.2.100mdk.i586.rpm
2133d2d63704206192910570b6bc742d 10.0/RPMS/kdegraphics-kpovmodeler-3.2-15.2.100mdk.i586.rpm
6b21f6fea34206888c47b89d5a0536af 10.0/RPMS/kdegraphics-kruler-3.2-15.2.100mdk.i586.rpm
86612aea584598abec93481389525095 10.0/RPMS/kdegraphics-ksnapshot-3.2-15.2.100mdk.i586.rpm
1f87a0f8ee2de982a58ad24491fc6b1e 10.0/RPMS/kdegraphics-ksvg-3.2-15.2.100mdk.i586.rpm
e09d7392164b04b3209f6ef5f197325e 10.0/RPMS/kdegraphics-kuickshow-3.2-15.2.100mdk.i586.rpm
0681dd5bd8be3c6eaef7d26bbfd338aa 10.0/RPMS/kdegraphics-kview-3.2-15.2.100mdk.i586.rpm
cc6e2ea22232cd78ac6563e636ba2b22 10.0/RPMS/kdegraphics-mrmlsearch-3.2-15.2.100mdk.i586.rpm
cb5026e54d040308243b9644dff42bae 10.0/RPMS/libkdegraphics0-common-3.2-15.2.100mdk.i586.rpm
6bec482da4b14188d860853db62228b5 10.0/RPMS/libkdegraphics0-common-devel-3.2-15.2.100mdk.i586.rpm
73cc1c8d2165273320375df5dc29e7c2 10.0/RPMS/libkdegraphics0-kooka-3.2-15.2.100mdk.i586.rpm
c64f9cd73ab00e9e52338e03b29cb2f4 10.0/RPMS/libkdegraphics0-kooka-devel-3.2-15.2.100mdk.i586.rpm
425f38c7c3cc3fab66ff43d4f554c7d2 10.0/RPMS/libkdegraphics0-kpovmodeler-3.2-15.2.100mdk.i586.rpm
c33cf1d0feb1d82cc196e677a5efc758 10.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.2-15.2.100mdk.i586.rpm
a8c9c5d367d4f85cd4f9fcc61a8a0d2d 10.0/RPMS/libkdegraphics0-ksvg-3.2-15.2.100mdk.i586.rpm
974b2c6f93cdc7dfd06ea67ff9f02164 10.0/RPMS/libkdegraphics0-ksvg-devel-3.2-15.2.100mdk.i586.rpm
c5977ef7a743dfd00240bbc3043d8e56 10.0/RPMS/libkdegraphics0-kuickshow-3.2-15.2.100mdk.i586.rpm
e820d02b9fb85f24ac1a6fda9de70661 10.0/RPMS/libkdegraphics0-kview-3.2-15.2.100mdk.i586.rpm
fb591c6cfe29caf42f8ae5a224138f3a 10.0/RPMS/libkdegraphics0-kview-devel-3.2-15.2.100mdk.i586.rpm
f430452370cab160119df86eb2b2b63e 10.0/RPMS/libkdegraphics0-mrmlsearch-3.2-15.2.100mdk.i586.rpm
3f22b2bdc5c9e388f8d2e264722b7d2a 10.0/SRPMS/kdegraphics-3.2-15.2.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
ee02e1458dcf080047edabfdd7047e3c amd64/10.0/RPMS/kdegraphics-3.2-15.2.100mdk.amd64.rpm
65c92d7d9c5288662bdba996bf3f6d2f amd64/10.0/RPMS/kdegraphics-common-3.2-15.2.100mdk.amd64.rpm
64d471c8e414f14fa16d74f251fc3584 amd64/10.0/RPMS/kdegraphics-kdvi-3.2-15.2.100mdk.amd64.rpm
b5749f135d53171d3eb100f0052198c4 amd64/10.0/RPMS/kdegraphics-kfax-3.2-15.2.100mdk.amd64.rpm
9b392ea47cf0f9aa4c2a7eb04289e0fe amd64/10.0/RPMS/kdegraphics-kghostview-3.2-15.2.100mdk.amd64.rpm
31eed9dd801faa37e97ec9e5a9e71992 amd64/10.0/RPMS/kdegraphics-kiconedit-3.2-15.2.100mdk.amd64.rpm
11653b00fe1fea148bb07bb1675fc01d amd64/10.0/RPMS/kdegraphics-kooka-3.2-15.2.100mdk.amd64.rpm
870d1f006b04602c41a816355c9769eb amd64/10.0/RPMS/kdegraphics-kpaint-3.2-15.2.100mdk.amd64.rpm
99b640d366d4f629ee18cd55df4ba37f amd64/10.0/RPMS/kdegraphics-kpdf-3.2-15.2.100mdk.amd64.rpm
87b282af64223971d10f003c8c717714 amd64/10.0/RPMS/kdegraphics-kpovmodeler-3.2-15.2.100mdk.amd64.rpm
d6e2df5e9cbe67781712cc3220db4d14 amd64/10.0/RPMS/kdegraphics-kruler-3.2-15.2.100mdk.amd64.rpm
f68a79ffd407b44a75b3d8c83448d8c3 amd64/10.0/RPMS/kdegraphics-ksnapshot-3.2-15.2.100mdk.amd64.rpm
ab67b16558cbd39eb2f6ce960f55aac8 amd64/10.0/RPMS/kdegraphics-ksvg-3.2-15.2.100mdk.amd64.rpm
df749af5048d222370e41c91aff26353 amd64/10.0/RPMS/kdegraphics-kuickshow-3.2-15.2.100mdk.amd64.rpm
a63255ee573e2f414c8bdc8a6ea7dbc4 amd64/10.0/RPMS/kdegraphics-kview-3.2-15.2.100mdk.amd64.rpm
e025d51bea713a40a0d227094bb7392f amd64/10.0/RPMS/kdegraphics-mrmlsearch-3.2-15.2.100mdk.amd64.rpm
8d49246916b1f89ddf1af50f804c7ee9 amd64/10.0/RPMS/lib64kdegraphics0-common-3.2-15.2.100mdk.amd64.rpm
f3ff0d16d3c9a9af87cb5c67c8888e01 amd64/10.0/RPMS/lib64kdegraphics0-common-devel-3.2-15.2.100mdk.amd64.rpm
f240739fdae68158779b796773e9c503 amd64/10.0/RPMS/lib64kdegraphics0-kooka-3.2-15.2.100mdk.amd64.rpm
fa4378e2fa62fdc3ccb14c8c8e24f267 amd64/10.0/RPMS/lib64kdegraphics0-kooka-devel-3.2-15.2.100mdk.amd64.rpm
9c6b2a5890ca2b0c16b1821b31bf612f amd64/10.0/RPMS/lib64kdegraphics0-kpovmodeler-3.2-15.2.100mdk.amd64.rpm
7b6306d97f7e36baa7099e02682f3730 amd64/10.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2-15.2.100mdk.amd64.rpm
2e762585ccef621055d509fa353e1e7d amd64/10.0/RPMS/lib64kdegraphics0-ksvg-3.2-15.2.100mdk.amd64.rpm
4fec49765fbc8f6d88dd6c1960f2a2aa amd64/10.0/RPMS/lib64kdegraphics0-ksvg-devel-3.2-15.2.100mdk.amd64.rpm
bea91129fe97457e6585b3e83c28319f amd64/10.0/RPMS/lib64kdegraphics0-kuickshow-3.2-15.2.100mdk.amd64.rpm
0ccafa6f2645f8a1a1df72432150d49a amd64/10.0/RPMS/lib64kdegraphics0-kview-3.2-15.2.100mdk.amd64.rpm
b9ae2f1ec754c18dac81ed546a47b2f7 amd64/10.0/RPMS/lib64kdegraphics0-kview-devel-3.2-15.2.100mdk.amd64.rpm
b97aacf4697f053d74003e058783dc88 amd64/10.0/RPMS/lib64kdegraphics0-mrmlsearch-3.2-15.2.100mdk.amd64.rpm
3f22b2bdc5c9e388f8d2e264722b7d2a amd64/10.0/SRPMS/kdegraphics-3.2-15.2.100mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBeHermqjQ0CJFipgRAibgAKDMppRzbVvPKcAOEbOlCz6fhmZumgCfWmaS
CLJ4+/cDxfVnKg5QPIZ29l8=
=M9bh
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists