lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1E3JUj-0005PQ-Pc@mercury.mandriva.com>
Date: Thu, 11 Aug 2005 14:17:41 -0600
From: Mandriva Security Team <security@...driva.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2005:135 - Updated kdegraphics packages fix vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           kdegraphics
 Advisory ID:            MDKSA-2005:135
 Date:                   August 11th, 2005

 Affected versions:	 10.2
 ______________________________________________________________________

 Problem Description:

 A vulnerability in the kpdf KDE PDF viewer was discovered.  An attacker
 could construct a malicious PDF file that would cause kpdf to consume
 all available disk space in /tmp when opened.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2097
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.2:
 dc99859286e4d0fed79e36a2234f968b  10.2/RPMS/kdegraphics-3.3.2-21.2.102mdk.i586.rpm
 ef892e76c8facb4d4a6dfbdee38ba43f  10.2/RPMS/kdegraphics-common-3.3.2-21.2.102mdk.i586.rpm
 d5c53c81977b6afc9e99489011138f96  10.2/RPMS/kdegraphics-kdvi-3.3.2-21.2.102mdk.i586.rpm
 fa73712fe80d6781fc10e165ebf3f51b  10.2/RPMS/kdegraphics-kfax-3.3.2-21.2.102mdk.i586.rpm
 9a120204e9d79af11c5d3155dfe62c5f  10.2/RPMS/kdegraphics-kghostview-3.3.2-21.2.102mdk.i586.rpm
 82083ee778f6ef85caef00374f81ca93  10.2/RPMS/kdegraphics-kiconedit-3.3.2-21.2.102mdk.i586.rpm
 c08c81b8100c411db62eb57060cffc10  10.2/RPMS/kdegraphics-kolourpaint-3.3.2-21.2.102mdk.i586.rpm
 c47bd293b26c83efcf232ff0289cfb76  10.2/RPMS/kdegraphics-kooka-3.3.2-21.2.102mdk.i586.rpm
 f5a4851fd0bf983c8bb7cf84b4ea5d70  10.2/RPMS/kdegraphics-kpaint-3.3.2-21.2.102mdk.i586.rpm
 d9eb92a5b8563d352a024edf46697ba2  10.2/RPMS/kdegraphics-kpdf-3.3.2-21.2.102mdk.i586.rpm
 5966cff09aa2fc0ccfa7e20c90cf685e  10.2/RPMS/kdegraphics-kpovmodeler-3.3.2-21.2.102mdk.i586.rpm
 56a56d26e4f8d76b2d9767c984adbff8  10.2/RPMS/kdegraphics-kruler-3.3.2-21.2.102mdk.i586.rpm
 6a3a3bf1536264dfb3fcb76234ea1f53  10.2/RPMS/kdegraphics-ksnapshot-3.3.2-21.2.102mdk.i586.rpm
 58939be6689e882e9333131ba7ae34b4  10.2/RPMS/kdegraphics-ksvg-3.3.2-21.2.102mdk.i586.rpm
 b8ab358a9c108a0287c3fc91b4c5b6ce  10.2/RPMS/kdegraphics-kuickshow-3.3.2-21.2.102mdk.i586.rpm
 855cf3cbbdcc291f148c56d1d96ccd38  10.2/RPMS/kdegraphics-kview-3.3.2-21.2.102mdk.i586.rpm
 94786f5cba3f6708307264d85eca1cf6  10.2/RPMS/kdegraphics-mrmlsearch-3.3.2-21.2.102mdk.i586.rpm
 df4b7c27e0840c93afa31723bddfec8f  10.2/RPMS/libkdegraphics0-common-3.3.2-21.2.102mdk.i586.rpm
 8eb00f01f5aebf9c8c8f02731924ee36  10.2/RPMS/libkdegraphics0-common-devel-3.3.2-21.2.102mdk.i586.rpm
 6a468ed84919e033d42aa948beaf3086  10.2/RPMS/libkdegraphics0-kghostview-3.3.2-21.2.102mdk.i586.rpm
 351a74ef90d41124b3bb635bc38f9d09  10.2/RPMS/libkdegraphics0-kghostview-devel-3.3.2-21.2.102mdk.i586.rpm
 ddfa6189d773023f2ea9d44755e4469a  10.2/RPMS/libkdegraphics0-kooka-3.3.2-21.2.102mdk.i586.rpm
 d1a3935ca53fc9a24199f7e14c899b14  10.2/RPMS/libkdegraphics0-kooka-devel-3.3.2-21.2.102mdk.i586.rpm
 e1d9efd2588cfcc38d4dcce4acb58d0f  10.2/RPMS/libkdegraphics0-kpovmodeler-3.3.2-21.2.102mdk.i586.rpm
 b0b7ca65dd69cb59a2a3eda210953d1c  10.2/RPMS/libkdegraphics0-kpovmodeler-devel-3.3.2-21.2.102mdk.i586.rpm
 8e8b5a4edc7b45bcf1be1e3d46a6757a  10.2/RPMS/libkdegraphics0-ksvg-3.3.2-21.2.102mdk.i586.rpm
 834f3866fe6ba195307487f449b58d4d  10.2/RPMS/libkdegraphics0-ksvg-devel-3.3.2-21.2.102mdk.i586.rpm
 ac457fab7ebfea9f0c519ab1ec2f32cd  10.2/RPMS/libkdegraphics0-kuickshow-3.3.2-21.2.102mdk.i586.rpm
 47092acf77b769b620ba9748ca868a22  10.2/RPMS/libkdegraphics0-kview-3.3.2-21.2.102mdk.i586.rpm
 7f97d956309b0467359f3f522f897a9a  10.2/RPMS/libkdegraphics0-kview-devel-3.3.2-21.2.102mdk.i586.rpm
 315a93ebae47bbb647125c385a8e3d3f  10.2/RPMS/libkdegraphics0-mrmlsearch-3.3.2-21.2.102mdk.i586.rpm
 ff7a54a756406bdd58e4159476e78114  10.2/SRPMS/kdegraphics-3.3.2-21.2.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 371492535d90510377975b818b6cceb2  x86_64/10.2/RPMS/kdegraphics-3.3.2-21.2.102mdk.x86_64.rpm
 b1678ad78ea0ffd304eebfda97279256  x86_64/10.2/RPMS/kdegraphics-common-3.3.2-21.2.102mdk.x86_64.rpm
 ddc17693e76485b149dfc6d83197bee8  x86_64/10.2/RPMS/kdegraphics-kdvi-3.3.2-21.2.102mdk.x86_64.rpm
 fd3d77c9cc5348ee046c2660b61d7015  x86_64/10.2/RPMS/kdegraphics-kfax-3.3.2-21.2.102mdk.x86_64.rpm
 aefbbdd70bf5b13577bb7ae5e0580046  x86_64/10.2/RPMS/kdegraphics-kghostview-3.3.2-21.2.102mdk.x86_64.rpm
 9382bb409c6f2bd78c25dd4bd9c099e0  x86_64/10.2/RPMS/kdegraphics-kiconedit-3.3.2-21.2.102mdk.x86_64.rpm
 2693a7332d9a02ed059535f97f87d395  x86_64/10.2/RPMS/kdegraphics-kolourpaint-3.3.2-21.2.102mdk.x86_64.rpm
 5fafa0928c09d3ae9779b75141c6117c  x86_64/10.2/RPMS/kdegraphics-kooka-3.3.2-21.2.102mdk.x86_64.rpm
 64633c041bd2dced17eb2cbc10d0d2b7  x86_64/10.2/RPMS/kdegraphics-kpaint-3.3.2-21.2.102mdk.x86_64.rpm
 7e1953e64b8807f6f1f5259461eb34b1  x86_64/10.2/RPMS/kdegraphics-kpdf-3.3.2-21.2.102mdk.x86_64.rpm
 00bb60faa9ef9a7ec21e3525ed5561d4  x86_64/10.2/RPMS/kdegraphics-kpovmodeler-3.3.2-21.2.102mdk.x86_64.rpm
 f247e4c766652d2d3a15986881a11cf1  x86_64/10.2/RPMS/kdegraphics-kruler-3.3.2-21.2.102mdk.x86_64.rpm
 85431fe8e530992bd49ca69a59f0e2b3  x86_64/10.2/RPMS/kdegraphics-ksnapshot-3.3.2-21.2.102mdk.x86_64.rpm
 8cee3225a9e7298698d2574a77686762  x86_64/10.2/RPMS/kdegraphics-ksvg-3.3.2-21.2.102mdk.x86_64.rpm
 e97f0429d28ec59c7b5afc27b9761af8  x86_64/10.2/RPMS/kdegraphics-kuickshow-3.3.2-21.2.102mdk.x86_64.rpm
 b9e87ae4b7fed624ba20c120d675b319  x86_64/10.2/RPMS/kdegraphics-kview-3.3.2-21.2.102mdk.x86_64.rpm
 19332441b7057b15755bdae3e37277ba  x86_64/10.2/RPMS/kdegraphics-mrmlsearch-3.3.2-21.2.102mdk.x86_64.rpm
 b0667c3aad4160080f92def692ad270f  x86_64/10.2/RPMS/lib64kdegraphics0-common-3.3.2-21.2.102mdk.x86_64.rpm
 4cc674f3a375954937366d2a52ca3662  x86_64/10.2/RPMS/lib64kdegraphics0-common-devel-3.3.2-21.2.102mdk.x86_64.rpm
 dc2e8fef7c03828ee5393ffa98d3adf3  x86_64/10.2/RPMS/lib64kdegraphics0-kghostview-3.3.2-21.2.102mdk.x86_64.rpm
 37b22f4c2eac765038ae559765f23532  x86_64/10.2/RPMS/lib64kdegraphics0-kghostview-devel-3.3.2-21.2.102mdk.x86_64.rpm
 3b02ec29fc8abd8b4bf76a2e7bcf5cdd  x86_64/10.2/RPMS/lib64kdegraphics0-kooka-3.3.2-21.2.102mdk.x86_64.rpm
 caf54d100aa98e50aa8e13f9e8babc66  x86_64/10.2/RPMS/lib64kdegraphics0-kooka-devel-3.3.2-21.2.102mdk.x86_64.rpm
 6b670ee7d4e90ecc6447f3cc402b4912  x86_64/10.2/RPMS/lib64kdegraphics0-kpovmodeler-3.3.2-21.2.102mdk.x86_64.rpm
 4521f77d6fc03815c5b011fd8b8e9d0f  x86_64/10.2/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.3.2-21.2.102mdk.x86_64.rpm
 af03e92003c944d8017a669cbdccc264  x86_64/10.2/RPMS/lib64kdegraphics0-ksvg-3.3.2-21.2.102mdk.x86_64.rpm
 626457c41e46b369d565ef3c01e86e08  x86_64/10.2/RPMS/lib64kdegraphics0-ksvg-devel-3.3.2-21.2.102mdk.x86_64.rpm
 bc981122de4936cf0e388c2fcf0ef9de  x86_64/10.2/RPMS/lib64kdegraphics0-kuickshow-3.3.2-21.2.102mdk.x86_64.rpm
 5a7aced477550ecfa7ed0df1b11f782b  x86_64/10.2/RPMS/lib64kdegraphics0-kview-3.3.2-21.2.102mdk.x86_64.rpm
 d99b9d3d03d3bf550abd28f174acd8e8  x86_64/10.2/RPMS/lib64kdegraphics0-kview-devel-3.3.2-21.2.102mdk.x86_64.rpm
 afe126ed795de6981081bdd1c84b704e  x86_64/10.2/RPMS/lib64kdegraphics0-mrmlsearch-3.3.2-21.2.102mdk.x86_64.rpm
 ff7a54a756406bdd58e4159476e78114  x86_64/10.2/SRPMS/kdegraphics-3.3.2-21.2.102mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC+7JlmqjQ0CJFipgRAkCiAJwO24cmq1iX8pVhjsVtbLwNvRfUmwCcC0+h
ylLnIDyglGnzIxkz0ZAG1AM=
=eD4j
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ