lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1PdP5l-0001cz-AK@titan.mandriva.com>
Date: Thu, 13 Jan 2011 16:28:01 +0100
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2011:005 ] evince

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:005
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : evince
 Date    : January 13, 2011
 Affected: 2010.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in evince:
 
 Array index error in the PK and VF font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641).
 
 Heap-based buffer overflow in the AFM font parser in the dvi-backend
 component in Evince 2.32 and earlier allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted font in conjunction with a DVI file that
 is processed by the thumbnailer (CVE-2010-2642).
 
 Integer overflow in the TFM font parser in the dvi-backend component in
 Evince 2.32 and earlier allows remote attackers to execute arbitrary
 code via a crafted font in conjunction with a DVI file that is
 processed by the thumbnailer (CVE-2010-2643).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 e079913edf4d4f3073865b7d49fe799e  2010.0/i586/evince-2.28.1-1.1mdv2010.0.i586.rpm
 799a7a19999cca73b787ea557fabe48b  2010.0/i586/libevince1-2.28.1-1.1mdv2010.0.i586.rpm
 9da45de2f8808622d87310139ab0cd57  2010.0/i586/libevince-devel-2.28.1-1.1mdv2010.0.i586.rpm 
 8cf3fc28bc224cb6d798986b83ff214b  2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 7f547bd0f819bb294155a77992dc3867  2010.0/x86_64/evince-2.28.1-1.1mdv2010.0.x86_64.rpm
 b49ee796665b1f3690aa8604f398da6f  2010.0/x86_64/lib64evince1-2.28.1-1.1mdv2010.0.x86_64.rpm
 2d4d32da719f789cab879b3a057c31e8  2010.0/x86_64/lib64evince-devel-2.28.1-1.1mdv2010.0.x86_64.rpm 
 8cf3fc28bc224cb6d798986b83ff214b  2010.0/SRPMS/evince-2.28.1-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 89ccc35a168dc271615257ca3b9dc15b  2010.1/i586/evince-2.30.3-1.1mdv2010.2.i586.rpm
 680a161ca4937b9624d76313f66ece67  2010.1/i586/libevince2-2.30.3-1.1mdv2010.2.i586.rpm
 5f2992bce84180aa51ff1b7a6ceb8ff1  2010.1/i586/libevince-devel-2.30.3-1.1mdv2010.2.i586.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f  2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 92b2edf7ebcbc5562b3664d328cfbb84  2010.1/x86_64/evince-2.30.3-1.1mdv2010.2.x86_64.rpm
 258d61dca83a88e6a4560e0793ebc35f  2010.1/x86_64/lib64evince2-2.30.3-1.1mdv2010.2.x86_64.rpm
 04afd91e85be6701d28e0b1164e7e41f  2010.1/x86_64/lib64evince-devel-2.30.3-1.1mdv2010.2.x86_64.rpm 
 1c0b1ce4cb6374b5d83f620669e2ff7f  2010.1/SRPMS/evince-2.30.3-1.1mdv2010.2.src.rpm

 Mandriva Enterprise Server 5:
 c5187d89da4344a18e4b757f51946671  mes5/i586/evince-2.24.0-2.2mdvmes5.1.i586.rpm
 5a81c37bff705aa4b7b9cb8e96a4cbb2  mes5/i586/libevince0-2.24.0-2.2mdvmes5.1.i586.rpm
 9e1c0400a275f99fa3a1350b4328e84e  mes5/i586/libevince-devel-2.24.0-2.2mdvmes5.1.i586.rpm 
 d4ac7e1574b982ec49d34cfb61026c77  mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 8f672ce32264b8ca99f5540972a3a7f8  mes5/x86_64/evince-2.24.0-2.2mdvmes5.1.x86_64.rpm
 0882e7a97b30c1ecf1ebf7c1dd1bb191  mes5/x86_64/lib64evince0-2.24.0-2.2mdvmes5.1.x86_64.rpm
 9bce986a11c112a50911390d965be0c9  mes5/x86_64/lib64evince-devel-2.24.0-2.2mdvmes5.1.x86_64.rpm 
 d4ac7e1574b982ec49d34cfb61026c77  mes5/SRPMS/evince-2.24.0-2.2mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNLuyrmqjQ0CJFipgRAi8kAKC7zVrpdQxiuU7w+oVNpNi2l8gAzACfQ14D
YAUn/R+xAZUWOs8ScQUXjXI=
=C2wo
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ