lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <m1FEmCg-000ofqC__27321.7705580921$1141324523$gmane$org@finlandia.Infodrom.North.DE>
Date: Thu, 2 Mar 2006 12:42:42 +0100 (CET)
From: joey@...odrom.org (Martin Schulze)
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 984-1] New xpdf packages fix several problems


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 984-1                     security@...ian.org
http://www.debian.org/security/                             Martin Schulze
March 2nd, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : xpdf
Vulnerability  : several
Problem type   : local (remote)
Debian-specific: no

Derek Noonburg has fixed several potential vulnerabilities in xpdf,
the Portable Document Format (PDF) suite.

The old stable distribution (woody) does not seem to be affected.

For the stable distribution (sarge) these problems have been fixed in
version 3.00-13.6.

For the unstable distribution (sid) these problems have been fixed in
version 3.01-7.

We recommend that you upgrade your xpdf packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.6.dsc
      Size/MD5 checksum:      781 3b09a41551eb88e135d4c1545edc3897
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.6.diff.gz
      Size/MD5 checksum:    51817 20487e64403271f8193ddc959ff46d06
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00.orig.tar.gz
      Size/MD5 checksum:   534697 95294cef3031dd68e65f331e8750b2c2

  Architecture independent components:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.00-13.6_all.deb
      Size/MD5 checksum:    56592 49fcfd17053fba4b288e0ce69660f108
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.00-13.6_all.deb
      Size/MD5 checksum:     1284 91afb670cc3c9c19fb1e153c650f5fc1

  Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_alpha.deb
      Size/MD5 checksum:   802784 6db7693ed94beda4f4918e8a639e0165
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_alpha.deb
      Size/MD5 checksum:  1528860 edaa31b0b8c87b8605f4fddbe5197826

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_amd64.deb
      Size/MD5 checksum:   668468 6038c7858722032cef42823af1ceb27d
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_amd64.deb
      Size/MD5 checksum:  1275066 cad43af52cea66d5e2e046eaf0b0c734

  ARM architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_arm.deb
      Size/MD5 checksum:   675102 933e77479fa35243f25b9cf0a7af9960
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_arm.deb
      Size/MD5 checksum:  1279998 a2618d91a020e91f4a543526b00bab7e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_i386.deb
      Size/MD5 checksum:   657110 7da2961c7030f4753ea677d40c7e8264
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_i386.deb
      Size/MD5 checksum:  1242800 1fe93e71851091093ad61e0fc9e207ef

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_ia64.deb
      Size/MD5 checksum:   951326 055fe0db7d1f7111cc6370f65d45f439
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_ia64.deb
      Size/MD5 checksum:  1802816 f9168deac0eda96b115bde2fbbf422e6

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_hppa.deb
      Size/MD5 checksum:   833234 53a85c49c0d0ed760da1ac5bd256cc1c
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_hppa.deb
      Size/MD5 checksum:  1581132 b830198ef741369f777e4a231c2b2352

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_m68k.deb
      Size/MD5 checksum:   586338 a951da441c2a3288622b116932faa42d
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_m68k.deb
      Size/MD5 checksum:  1117564 2fa1b6c62f770dbae84a02ca274fc0be

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_mips.deb
      Size/MD5 checksum:   808166 590198eb28d9ed0d6b32be9d1bac320b
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_mips.deb
      Size/MD5 checksum:  1525622 64de5bac988b7dc970cbf4e2ac5c991e

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_mipsel.deb
      Size/MD5 checksum:   798476 f269b9c1fc2ed4b90c32f4c53b0a8c91
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_mipsel.deb
      Size/MD5 checksum:  1504284 998fc34caadad1809fcb5bfe8d9dccd1

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_powerpc.deb
      Size/MD5 checksum:   694632 bc97e0eb5dbaa07f107507d5f956f1c6
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_powerpc.deb
      Size/MD5 checksum:  1313730 8851ce3bb1bc3fd71a3e6ced3080e392

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_s390.deb
      Size/MD5 checksum:   631038 0ffbacdcf61d48ba58c27c3a21156520
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_s390.deb
      Size/MD5 checksum:  1199354 3d551ef88027086a58bbe6e2312728fe

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.00-13.6_sparc.deb
      Size/MD5 checksum:   626786 9ab324a84408a8ab36b6d334d8ca0a65
    http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.00-13.6_sparc.deb
      Size/MD5 checksum:  1182350 bc265faf7e76574c8256e33d17b6faeb


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...ts.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEBtoyW5ql+IAeqTIRAqt9AKCxS2vwEbRHxlY6UPNgQj4H5FKx8wCfdJWa
jp4TZxeaK2w3GTOUcb+XPPM=
=o28I
-----END PGP SIGNATURE-----



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ